@hashbreaker
Jan 26
New librandombytes: randombytes.cr.yp.to/ This is designed to shield applications from having to worry about random() not being very random, RAND_bytes() maybe failing, older machines not having getrandom(), /dev/urandom maybe not being initialized, /dev/random being slow, etc.
https://randombytes.cr.yp.to/
Seems to be a one-stop shop to mitigate all the slowness and silent failure disasters with Linux PRNGs.
A C library.
Not going to improve entropy system-wide. Only for applications that explicitly make use of the library.
Quote https://randombytes.cr.yp.to/security.html:
librandombytes does not provide a new RNG; it is a wrapper around existing RNGs. It does not wrap every available RNG; it limits the number of options to simplify review. It takes the maximally centralized option, the OS kernel’s RNG, by default; it provides one backup option, the OpenSSL RNG, just in case this is critical for system performance.
There’s a lot of nice content here:
https://randombytes.cr.yp.to/security.html
A lot of it would be useful quotations in the wiki, here: