Thread

  1. Still wondering about random numbers...

    Dr. Evil <drevil@sidereal.kz> — 2001-08-07T09:01:06Z

    I am running on OpenBSD and Linux, both of which have
    cryptographic-quality RNGs built in.  When I call RANDOM() in PG, do I
    get the old C library random numbers, which are not very random, or do
    I get high-quality random numbers from the crypto-RNG that's built in?
    Any sugestions for getting high-quality random numbers?
    
    
  2. Re: Still wondering about random numbers...

    Joe Conway <joseph.conway@home.com> — 2001-08-07T15:27:44Z

    > I am running on OpenBSD and Linux, both of which have
    > cryptographic-quality RNGs built in.  When I call RANDOM() in PG, do I
    > get the old C library random numbers, which are not very random, or do
    > I get high-quality random numbers from the crypto-RNG that's built in?
    > Any sugestions for getting high-quality random numbers?
    
    Looking through the source, I find:
    
    /*
     *  drandom  - returns a random number
     */
    Datum
    drandom(PG_FUNCTION_ARGS)
    {
     float8  result;
    
     /* result 0.0-1.0 */
     result = ((double) random()) / ((double) MAX_RANDOM_VALUE);
    
     PG_RETURN_FLOAT8(result);
    }
    
    Looks like plain old C library random numbers. If you want to use
    /dev/random or /dev/urandom, best bet would be to write your own C function.
    You should also check through the contrib stuff -- I don't recall seeing RNG
    functions in there, but I'm constantly amazed at what is in contrib that I
    didn't notice before ;-)
    
    HTH,
    
    Joe
    
    
    
    
    
    
    
    
  3. Re: Still wondering about random numbers...

    Tom Lane <tgl@sss.pgh.pa.us> — 2001-08-07T16:00:56Z

    "Joe Conway" <joseph.conway@home.com> writes:
    > Looks like plain old C library random numbers. If you want to use
    > /dev/random or /dev/urandom, best bet would be to write your own C function.
    > You should also check through the contrib stuff -- I don't recall seeing RNG
    > functions in there,
    
    I don't see any in there either, but this seems like a fine candidate for
    a contrib item.  I doubt we'd accept it into the mainstream for lack of
    portability, but as a contrib item, why not?
    
    			regards, tom lane
    
    
  4. Re: Still wondering about random numbers...

    lockhart@fourpalms.org — 2001-08-07T16:36:23Z

    > > Looks like plain old C library random numbers. If you want to use
    > > /dev/random or /dev/urandom, best bet would be to write your own C function.
    > > You should also check through the contrib stuff -- I don't recall seeing RNG
    > > functions in there,
    > I don't see any in there either, but this seems like a fine candidate for
    > a contrib item.  I doubt we'd accept it into the mainstream for lack of
    > portability, but as a contrib item, why not?
    
    configure is our friend. A better random number generator is always
    welcome imho, and if it can be reliably supported through autoconf then
    it would stand a chance to be included in the main tree. Especially
    since the usage of random() seems to be very isolated in the code.
    contrib/ is always a good first step though...
    
                        - Thomas
    
    
  5. Re: Still wondering about random numbers...

    John Gateley <gateley@jriver.com> — 2001-08-07T16:41:36Z

    Joe Conway wrote:
    > 
    > > I am running on OpenBSD and Linux, both of which have
    > > cryptographic-quality RNGs built in.  When I call RANDOM() in PG, do I
    > > get the old C library random numbers, which are not very random, or do
    > > I get high-quality random numbers from the crypto-RNG that's built in?
    > > Any sugestions for getting high-quality random numbers?
    > 
    > Looking through the source, I find:
    >  result = ((double) random()) / ((double) MAX_RANDOM_VALUE);
    
    The random() function returns better (good?)
    random numbers. The rand() function returns poor
    random numbers. random() also depends on how
    much state it is initialized with (and may or may
    not be based on /dev/random, I don't know).
    
    j
    
    
  6. Re: Still wondering about random numbers...

    Joe Conway <joseph.conway@home.com> — 2001-08-07T16:53:15Z

    > > > Looks like plain old C library random numbers. If you want to use
    > > > /dev/random or /dev/urandom, best bet would be to write your own C
    function.
    > > > You should also check through the contrib stuff -- I don't recall
    seeing RNG
    > > > functions in there,
    > > I don't see any in there either, but this seems like a fine candidate
    for
    > > a contrib item.  I doubt we'd accept it into the mainstream for lack of
    > > portability, but as a contrib item, why not?
    >
    > configure is our friend. A better random number generator is always
    > welcome imho, and if it can be reliably supported through autoconf then
    > it would stand a chance to be included in the main tree. Especially
    > since the usage of random() seems to be very isolated in the code.
    > contrib/ is always a good first step though...
    >
    >                     - Thomas
    
    Sounds like there's some interest in this. I just wrote a function for
    generating random initialization vectors from /dev/urandom within the past
    week -- should be easy to make a pgsql contrib out of it. I'll send
    something to patches in a couple of days or so.
    
    -- Joe
    
    
    
    
  7. Re: Still wondering about random numbers...

    Bruno Wolff III <bruno@wolff.to> — 2001-08-07T19:15:50Z

    On Tue, Aug 07, 2001 at 04:36:23PM +0000,
      Thomas Lockhart <lockhart@fourpalms.org> wrote:
    > 
    > configure is our friend. A better random number generator is always
    > welcome imho, and if it can be reliably supported through autoconf then
    > it would stand a chance to be included in the main tree. Especially
    > since the usage of random() seems to be very isolated in the code.
    > contrib/ is always a good first step though...
    
    'Better' is in the eye of the beholder. /dev/random can stall for
    very long periods of time waiting for entropy. Even /dev/urandom may
    be overkill for some uses of random numbers. There is also the question
    of how many bytes the function is going to return.
    
    While it would be nice to have some access to /dev/random and /dev/urandom,
    I don't know that replacing the current random function is the best way
    to do this.
    
    
  8. Re: Still wondering about random numbers...

    Dr. Evil <drevil@sidereal.kz> — 2001-08-07T20:31:12Z

    > 'Better' is in the eye of the beholder. /dev/random can stall for
    > very long periods of time waiting for entropy. Even /dev/urandom may
    > be overkill for some uses of random numbers. There is also the question
    > of how many bytes the function is going to return.
    >
    > While it would be nice to have some access to /dev/random and /dev/urandom,
    > I don't know that replacing the current random function is the best way
    > to do this.
    
    I'm the one who originally posted this question, and I agree, you have
    a very good point.  /dev/random relies on a pool of entropy, which is
    limited.  Applications which require a large volume of low-quality
    random numbers (perhaps for rendering in a video game) should
    definitely not use /dev/random, but applications which require a small
    amount of high-quality randomness (generating cryptographic session
    keys perhaps) should use it.  PG should have both calls available.  If
    anyone has written a C function which calls the crypto-random
    generator, which I could link in, if you would mail it to me, I would
    be most appreciative, because I am using this to generate
    cryptographic challenges, session keys and the like, which really do
    need crypto-quality random numbers.
    
    As an intermediate solution, I can use SHA1 to generate a sequence of
    hashes, which does work as a fairly good crypto-RNG.  If anyone wants,
    I can post the SHA1 code for PG.  It should really be in the
    distribution, I think.  But then again, so should AES and RSA and
    OpenPGP...
    
    
    
  9. Re: Still wondering about random numbers...

    Allan Engelhardt <allane@cybaea.com> — 2001-08-07T21:07:47Z

    Bruno Wolff III wrote:
    
    > On Tue, Aug 07, 2001 at 04:36:23PM +0000,
    >   Thomas Lockhart <lockhart@fourpalms.org> wrote:
    > >
    > > configure is our friend. A better random number generator is always
    > > welcome imho, and if it can be reliably supported through autoconf then
    > > it would stand a chance to be included in the main tree. Especially
    > > since the usage of random() seems to be very isolated in the code.
    > > contrib/ is always a good first step though...
    >
    > 'Better' is in the eye of the beholder. /dev/random can stall for
    > very long periods of time waiting for entropy.
    
    On Intel i8x0 motherboards you can set the CONFIG_INTEL_RNG kernel parameter and access the hardware random entropy generator.
    
    On other motherboards, reading from /dev/random can stall indefinitely.  This is not a Good Thing.  /dev/urandom is fine, but not rally better than rand(3) or random(3).
    
    Is it actually possible to replace the built-in function?  I haven't checked.
    
    If it is, then contrib is a fine place for the improvement.  If it isn't, then configure is probably our friend.
    
    Just my £0.02.
    
    
    
    Allan.
    
    
    
  10. Re: Still wondering about random numbers...

    Allan Engelhardt <allane@cybaea.com> — 2001-08-07T21:07:59Z

    Bruno Wolff III wrote:
    
    > On Tue, Aug 07, 2001 at 04:36:23PM +0000,
    >   Thomas Lockhart <lockhart@fourpalms.org> wrote:
    > >
    > > configure is our friend. A better random number generator is always
    > > welcome imho, and if it can be reliably supported through autoconf then
    > > it would stand a chance to be included in the main tree. Especially
    > > since the usage of random() seems to be very isolated in the code.
    > > contrib/ is always a good first step though...
    >
    > 'Better' is in the eye of the beholder. /dev/random can stall for
    > very long periods of time waiting for entropy.
    
    On Intel i8x0 motherboards you can set the CONFIG_INTEL_RNG kernel parameter and access the hardware random entropy generator.
    
    On other motherboards, reading from /dev/random can stall indefinitely.  This is not a Good Thing.  /dev/urandom is fine, but not rally better than rand(3) or random(3).
    
    Is it actually possible to replace the built-in function?  I haven't checked.
    
    If it is, then contrib is a fine place for the improvement.  If it isn't, then configure is probably our friend.
    
    Just my £0.02.
    
    
    
    Allan.
    
    
    
  11. Re: Re: Still wondering about random numbers...

    Bruce Momjian <pgman@candle.pha.pa.us> — 2001-08-07T22:44:10Z

    > I'm the one who originally posted this question, and I agree, you have
    > a very good point.  /dev/random relies on a pool of entropy, which is
    > limited.  Applications which require a large volume of low-quality
    > random numbers (perhaps for rendering in a video game) should
    > definitely not use /dev/random, but applications which require a small
    > amount of high-quality randomness (generating cryptographic session
    > keys perhaps) should use it.  PG should have both calls available.  If
    > anyone has written a C function which calls the crypto-random
    > generator, which I could link in, if you would mail it to me, I would
    > be most appreciative, because I am using this to generate
    > cryptographic challenges, session keys and the like, which really do
    > need crypto-quality random numbers.
    
    Isn't /dev/random best used for seeding the random number generator,
    rather than for getting random number?
    
    -- 
      Bruce Momjian                        |  http://candle.pha.pa.us
      pgman@candle.pha.pa.us               |  (610) 853-3000
      +  If your life is a hard drive,     |  830 Blythe Avenue
      +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
    
    
  12. Re: Still wondering about random numbers...

    Dr. Evil <drevil@sidereal.kz> — 2001-08-08T00:34:44Z

    > Isn't /dev/random best used for seeding the random number generator,
    > rather than for getting random number?
    
    It is best used for any situation when quality random numbers are
    needed.  This includes seeding, and in some cases it may also include
    generating session keys and other things.  It's good to have a
    choice.  Right now I have a lot of pl/pgsql which calls plain old
    RANDOM() to generate session keys, and that is not good.  Before I
    launch this thing, I will need to find a way of getting better random
    numbers.  If anyone has created a function like that for PG, please
    mail me, because I need it.
    
    
  13. Re: Re: Still wondering about random numbers...

    Joe Conway <joseph.conway@home.com> — 2001-08-08T00:53:20Z

    > > Isn't /dev/random best used for seeding the random number generator,
    > > rather than for getting random number?
    >
    > It is best used for any situation when quality random numbers are
    > needed.  This includes seeding, and in some cases it may also include
    > generating session keys and other things.  It's good to have a
    > choice.  Right now I have a lot of pl/pgsql which calls plain old
    > RANDOM() to generate session keys, and that is not good.  Before I
    > launch this thing, I will need to find a way of getting better random
    > numbers.  If anyone has created a function like that for PG, please
    > mail me, because I need it.
    
    As I said earlier, I just recently created a function for something else I'm
    working on which returns a binary string from /dev/urandom of whatever
    length you request. I'm using it for initialization vectors (IVs) for 3des
    cbc and for session keys. It should be relatively easy to turn into a pgsql
    contrib function, so I'll post something to patches within the next couple
    of days. It would not be intended to replace the standard RANDOM() function,
    just compliment it. Biggest question in my mind is the return type -- should
    it return pure binary as a bytea type, or hex as a text type? Any thoughts
    on this?
    
    I agree with other comments regarding /dev/random. During testing I found
    that it can block for significant periods of time, especially when used
    repetitively.
    
    -- Joe
    
    
    
    
    
    
  14. Re: Re: Still wondering about random numbers...

    Doug McNaught <doug@wireboard.com> — 2001-08-08T03:15:14Z

    Allan Engelhardt <allane@cybaea.com> writes:
    
    > On other motherboards, reading from /dev/random can stall
    > indefinitely.  This is not a Good Thing.  /dev/urandom is fine, but
    > not rally better than rand(3) or random(3).
    
    Wrong; it's still a lot better, especially if you have a reasonable
    amount of entropy coming in--/dev/urandom uses the same entropy pool
    as /dev/random and generates its data using a cryptographically secure
    hash function.  This is still a lot better (for crypto purposes) than
    the simple LCGs used in the standard C library functions.
    
    See the random(4) manpage on your Linux system for more details.
    
    -Doug
    -- 
    Free Dmitry Sklyarov! 
    http://www.freesklyarov.org/ 
    
    We will return to our regularly scheduled signature shortly.
    
    
  15. Re: Re: Still wondering about random numbers...

    Allan Engelhardt <allane@cybaea.com> — 2001-08-08T10:22:31Z

    Doug McNaught wrote:
    
    > Allan Engelhardt <allane@cybaea.com> writes:
    >
    > > On other motherboards, reading from /dev/random can stall
    > > indefinitely.  This is not a Good Thing.  /dev/urandom is fine, but
    > > not rally better than rand(3) or random(3).
    >
    > Wrong; it's still a lot better, especially if you have a reasonable
    > amount of entropy coming in--/dev/urandom uses the same entropy pool
    > as /dev/random and generates its data using a cryptographically secure
    > hash function.  This is still a lot better (for crypto purposes) than
    > the simple LCGs used in the standard C library functions.
    
    Absolutely!  I had minor brain damage when I wrote the paragraph.  What I meant was:
    
    "/dev/urandom is not really better than rand(3) or random(3) *in this situation* [i.e. when reads from /dev/random stalls and there is no system entropy]"
    
    You don't get a lot of entropy from the standard /dev/random drivers on a system without users (pressing a key gives 10 bytes of entropy, moving the mouse ~8), but you do get a some so it is better.
    
    As you said.
    
    Allan.
    
    
    
  16. RE: Re: Still wondering about random numbers...

    Matt Block <matt@blockdev.net> — 2001-08-08T13:59:15Z

    I'm almost dead certain (although I've been too lazy to actually look,)
    that
    network activity also fills the entropy pool (on Linux boxen).  I
    conjecture 
    this partly based on my headless "home services" box which acts as
    firewall, 
    web server, game server, pg server, blah, blah, and blah on my LAN.  It
    has 
    never wanted for entropy, and has actually never blocked on reads to
    /dev/random
    for any (human) appreciable lengths of time.  It drinks from the entropy
    pool 
    for key generation and suchlike frequently and deeply.
    
    This may require netfilter.
    
      -- Matt
    
    -----Original Message-----
    From: pgsql-general-owner@postgresql.org
    [mailto:pgsql-general-owner@postgresql.org] On Behalf Of Allan
    Engelhardt
    Sent: Wednesday, August 08, 2001 6:23 AM
    To: Doug McNaught
    Cc: Bruno Wolff III; pgsql-general@postgresql.org
    Subject: Re: [GENERAL] Re: Still wondering about random numbers...
    
    
    Doug McNaught wrote:
    
    > Allan Engelhardt <allane@cybaea.com> writes:
    >
    > > On other motherboards, reading from /dev/random can stall 
    > > indefinitely.  This is not a Good Thing.  /dev/urandom is fine, but 
    > > not rally better than rand(3) or random(3).
    >
    > Wrong; it's still a lot better, especially if you have a reasonable 
    > amount of entropy coming in--/dev/urandom uses the same entropy pool 
    > as /dev/random and generates its data using a cryptographically secure
    
    > hash function.  This is still a lot better (for crypto purposes) than 
    > the simple LCGs used in the standard C library functions.
    
    Absolutely!  I had minor brain damage when I wrote the paragraph.  What
    I meant was:
    
    "/dev/urandom is not really better than rand(3) or random(3) *in this
    situation* [i.e. when reads from /dev/random stalls and there is no
    system entropy]"
    
    You don't get a lot of entropy from the standard /dev/random drivers on
    a system without users (pressing a key gives 10 bytes of entropy, moving
    the mouse ~8), but you do get a some so it is better.
    
    As you said.
    
    Allan.
    
    
    ---------------------------(end of broadcast)---------------------------
    TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
    
    
    
  17. Re: Re: Still wondering about random numbers...

    Doug McNaught <doug@wireboard.com> — 2001-08-08T14:00:54Z

    Allan Engelhardt <allane@cybaea.com> writes:
    
    > "/dev/urandom is not really better than rand(3) or random(3) *in
    > this situation* [i.e. when reads from /dev/random stalls and there
    > is no system entropy]"
    
    I would still disagree.  The difference for crypto purposes between a
    CRNG seeded with real entropy (/dev/urandom) and an LCG (libc
    functions) is huge.  The former is useful (with caveats); the latter
    is trivially breakable.
    
    -Doug
    -- 
    Free Dmitry Sklyarov! 
    http://www.freesklyarov.org/ 
    
    We will return to our regularly scheduled signature shortly.
    
    
  18. Random strings

    Joe Conway <joseph.conway@home.com> — 2001-08-08T18:01:59Z

    > > generating session keys and other things.  It's good to have a
    > > choice.  Right now I have a lot of pl/pgsql which calls plain old
    > > RANDOM() to generate session keys, and that is not good.  Before I
    > > launch this thing, I will need to find a way of getting better random
    > > numbers.  If anyone has created a function like that for PG, please
    > > mail me, because I need it.
    >
    > As I said earlier, I just recently created a function for something else
    I'm
    > working on which returns a binary string from /dev/urandom of whatever
    > length you request. I'm using it for initialization vectors (IVs) for 3des
    > cbc and for session keys. It should be relatively easy to turn into a
    pgsql
    > contrib function, so I'll post something to patches within the next couple
    > of days. It would not be intended to replace the standard RANDOM()
    function,
    > just compliment it. Biggest question in my mind is the return type --
    should
    > it return pure binary as a bytea type, or hex as a text type? Any thoughts
    > on this?
    >
    
    Per the discussion yesterday, here's a patch. There are two versions of
    essentially the same function. They both take an int as the number of
    requested random bytes, and generate a random binary string of the requested
    length from /dev/urandom. The first one (randomstr_hex) converts the binary
    to hex and returns it as text, and the other (randomstr_bytea) does the
    needed escaping of special characters and returns bytea.
    
    Let me know if you have any other thoughts on how this can be improved. I
    didn't bother to create a function to return a random 0 - 1 interval float
    (ala random()) because in most cases where cryptographic quality random
    values are needed, the provided forms are the most useful ones (I think).
    
    -- Joe
    
    
    
  19. integer quoting

    Ryan Mahoney <ryan@paymentalliance.net> — 2001-08-08T18:03:22Z

    Is there any reason why integer values should *not* be quoted in statements 
    passed to pgsql?  it seems like there are few benefits of this practice, 
    curios what the drawbacks may be.
    
    TIA!
    
    Ryan Mahoney
  20. Re: Re: Still wondering about random numbers...

    Allan Engelhardt <allane@cybaea.com> — 2001-08-08T19:13:24Z

    Doug McNaught wrote:
    
    > Allan Engelhardt <allane@cybaea.com> writes:
    >
    > > "/dev/urandom is not really better than rand(3) or random(3) *in
    > > this situation* [i.e. when reads from /dev/random stalls and there
    > > is no system entropy]"
    >
    > I would still disagree.  The difference for crypto purposes between a
    > CRNG seeded with real entropy (/dev/urandom) and an LCG (libc
    > functions) is huge.  The former is useful (with caveats); the latter
    > is trivially breakable.
    
    Fair comment.  I agree.  Thanks for the clarification.
    
    
    Allan.
    
    
    
  21. Re: Random strings

    Peter Eisentraut <peter_e@gmx.net> — 2001-08-08T19:21:09Z

    Joe Conway writes:
    
    > Per the discussion yesterday, here's a patch. There are two versions of
    > essentially the same function. They both take an int as the number of
    > requested random bytes, and generate a random binary string of the requested
    > length from /dev/urandom. The first one (randomstr_hex) converts the binary
    > to hex and returns it as text, and the other (randomstr_bytea) does the
    > needed escaping of special characters and returns bytea.
    
    Perhaps one of these returning bytea would be enough and you can use
    the new encode functions to convert them to a format of choice.  Also, why
    aren't you using /dev/random?
    
    -- 
    Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter
    
    
    
  22. Re: Random strings

    Joe Conway <joseph.conway@home.com> — 2001-08-08T20:25:22Z

    > > Per the discussion yesterday, here's a patch. There are two versions of
    > > essentially the same function. They both take an int as the number of
    > > requested random bytes, and generate a random binary string of the
    requested
    > > length from /dev/urandom. The first one (randomstr_hex) converts the
    binary
    > > to hex and returns it as text, and the other (randomstr_bytea) does the
    > > needed escaping of special characters and returns bytea.
    >
    > Perhaps one of these returning bytea would be enough and you can use
    > the new encode functions to convert them to a format of choice.  Also, why
    > aren't you using /dev/random?
    
    Very nice. I hadn't looked encode/decode yet. I'll rework the patch and just
    leave the bytea as you suggested.
    
    As far as /dev/random, the issue it that it blocks when it runs out of
    entropy. As a small test, I recompiled with /dev/random and tried:
    
       select randomstr_bytea(8), foo from bar;
    
    where bar has about 120 rows. I was still waiting a minute later. When
    requesting one at a time (but resubmitting relatively quickly), it works
    fine until about the 35th request in a row, then it blocks briefly (~2
    seconds). The same test with /dev/urandom returns instantly. Perhaps there
    should be an option to use either. For instances where only a few truly
    random bytes is needed (i.e. one session key), use /dev/random. When you
    need many random bytes quickly, use /dev/urandom?
    
    -- Joe
    
    
    
    
  23. Re: Random strings

    Joe Conway <joseph.conway@home.com> — 2001-08-09T07:02:58Z

    > > Perhaps one of these returning bytea would be enough and you can use
    > > the new encode functions to convert them to a format of choice.  Also,
    why
    > > aren't you using /dev/random?
    >
    
    Here's a revised patch. This one has only one user function, randomstr(int
    binlen, text source). It allows any length request (well, limited by int)
    against a source of 'urandom', or a maximum of 64 bytes against a source of
    'random'. I also added a couple of examples to the readme to show how to use
    randomstr() with encode() to get hex or base64 output.
    
    On a side note, in the last version of this, I had a function which escaped
    the binary C string so that I could feed it to byteain. In this version, I
    decided to populate the varlena struct directly, because it seemed an awful
    waste to escape the binary just so that byteain could unescape it. But I'm
    not sure this is considered a "good thing", or a "bad thing". I'd appreciate
    any guidance.
    
    Thanks,
    
    Joe
    
    
  24. Re: Random strings

    Peter Eisentraut <peter_e@gmx.net> — 2001-08-09T15:35:13Z

    Joe Conway writes:
    
    > seconds). The same test with /dev/urandom returns instantly. Perhaps there
    > should be an option to use either. For instances where only a few truly
    > random bytes is needed (i.e. one session key), use /dev/random. When you
    > need many random bytes quickly, use /dev/urandom?
    
    Not sure if this is intuitive.  How many bytes is "a few"?  Maybe just be
    honest about it and name them randomstr and urandomstr or such.
    
    -- 
    Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter
    
    
    
  25. Re: Random strings

    Joe Conway <joseph.conway@home.com> — 2001-08-09T17:13:18Z

    > > seconds). The same test with /dev/urandom returns instantly. Perhaps
    there
    > > should be an option to use either. For instances where only a few truly
    > > random bytes is needed (i.e. one session key), use /dev/random. When you
    > > need many random bytes quickly, use /dev/urandom?
    >
    > Not sure if this is intuitive.  How many bytes is "a few"?  Maybe just be
    > honest about it and name them randomstr and urandomstr or such.
    >
    
    In the patch that I sent last night, I explicitly limited /dev/random to 64
    bytes. I agree that this is not very intuitive, but for specific purposes,
    such as generating a session key for tripledes (24 byte/192 bit random
    string yielding 168 bits for a the key) periodically, it is quite useful.
    There's a tradeoff here between cryptographic strength (favoring
    /dev/random) and application performance (favoring /dev/urandom) that will
    vary significantly from application to application. It's nice to have the
    option depending on your needs.
    
    Having said that, I'm not married to the idea that we should provide access
    to both /dev/random and /dev/urandom. I'd be happy to roll another patch,
    limited to just urandom, and renaming the function if you feel strongly
    about it. (should we move this discussion back to hackers to get a wider
    audience?)
    
    -- Joe