/dev/random blocking is only useful during early boot and causes performance problems otherwise. A good seed should provide an “infinite” amount of entropy so blocking during system operation is obsolete. Applications that use the RNG after boot are recommended to use urandom because it doesn’t block. jitter-entropy ensures a well seeded boot environment and stops slow boot and blocking. Crypto like ECC uses entropy from the kernel and not via /dev/random. Jitter acts as a safety net for all crypto operations.
With the current config in Whonix / Kicksecure (haveged, jitterentropyrng user space daemon and kernel module), /dev/random has same performance as /dev/urandom?
So in case of Whonix / Kicksecure we can use /dev/random all the way.
Yes we can. What custom software are you thinking of?
- uwt time privacy