Wednesday, December 26, 2007

random vs. urandom

random and urandom are devices in /dev that provide random data to applications. The main difference between them is how they pull random data from the kernel. random always takes data from the entropy pool. If the pool is empty, random blocks the operation until the pool has been refilled enough. urandom generates data using the SHA algorithm (or another algorithm, sometimes MD5) when the kernel entropy pool is empty. urandom never blocks the operation.

I've been testing them for some time and have found out that the kernel's entropy pool is empty quite often. So the /dev/random device causes operations to block all the time, for a long time. That's not good when you are generating lots of UIDs.

The lwn.net article "On entropy and randomness" mentions that random is for paranoid purposes =). urandom provides quite enough random data for everyday usage: its RNG algorithm is strong enough, and it also takes data from the entropy pool when it's available. Unless the task is to generate strong random data that human beings will depend on, use urandom instead of random.
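An added example, not code from the original post: Python for a Linux system that generates identifiers from /dev/urandom as in the UID case above, probes /dev/random with O_NONBLOCK to see whether a read would block, and reads the kernel's entropy estimate from /proc/sys/kernel/random/entropy_avail. The function names are chosen for this example.

```python
import errno
import os

def read_exact(path, n, nonblock=False):
    """Read n bytes from a random device; return None if the read would block."""
    flags = os.O_RDONLY | (os.O_NONBLOCK if nonblock else 0)
    fd = os.open(path, flags)
    try:
        buf = b""
        while len(buf) < n:  # a single read() may return fewer bytes than asked
            try:
                chunk = os.read(fd, n - len(buf))
            except BlockingIOError:
                return None  # EAGAIN: a blocking read would have stalled here
            if not chunk:
                raise OSError(errno.EIO, "unexpected EOF from " + path)
            buf += chunk
        return buf
    finally:
        os.close(fd)

def entropy_avail():
    """Kernel's entropy estimate in bits, or None where procfs is not available."""
    try:
        with open("/proc/sys/kernel/random/entropy_avail") as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None

def make_uids(count, nbytes=16):
    """Generate `count` hex identifiers from /dev/urandom in one pass."""
    raw = read_exact("/dev/urandom", count * nbytes)
    return [raw[i:i + nbytes].hex() for i in range(0, len(raw), nbytes)]

if __name__ == "__main__":
    print("entropy_avail:", entropy_avail())
    probe = read_exact("/dev/random", 64, nonblock=True)
    print("/dev/random would block:", probe is None)
    for uid in make_uids(5):
        print(uid)
```

Whether the /dev/random probe reports blocking depends on the kernel version and the state of the pool at that moment.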

7 comments:

Unknown said...

you answered my question. THANKS! great info.

Ni@m said...

Thank you for the reply, Nick!

Vo Nu said...

Thanks for the info! And congratulations on top Google result (on my end) for `difference between random and urandom`. ;)

Ni@m said...

Thanks, Jack.
Glad that it helped you.

Anonymous said...

Thanks for explaining this. Learned something new. :)

Anonymous said...

Thank you for the excellent explanation!

Ni@m said...

Thanks! Glad that it was helpful for you.