Re: CONFIG_RANDOM option for 1.99.2

Robert L Krawitz (rlk@tiac.net)
Wed, 15 May 1996 19:15:52 -0400


Date: Wed, 15 May 1996 18:01:45 -0600 (CST)
From: Aaron Ucko <UCKO@VAX1.ROCKHURST.EDU>

>What if someone's running in very tight memory (2-4 MB) and for one
>reason or another doesn't care about crackers (isn't on the net, or
>just doesn't care about security)? The only feasible thing that the
>kernel needs good random numbers for is security, and people should
>have the option to turn that off if the memory and CPU cycles are too
>critical.

Yes, but nonsecurity-related userspace programs might also want good random
numbers. Consider a simulation using the Monte Carlo method--pseudorandom
numbers might produce misleading results.

Someone who's running Monte Carlo simulations hopefully has a fair bit
of memory available, and knows enough about random number generators
to realize the importance of a good one. For that matter, the problem
with random numbers for Monte Carlo methods is rarely the quality of
the seed, but rather the quality of the generator (the f(x+1) term).
If the generator has poor spectral properties, it doesn't matter how
good the initial seed was.

/dev/random generates an excellent initial random number, and perhaps
a small number more such numbers. It's not designed for generating
the millions of random numbers that a simulation may need. It is
designed for generating a small number of random numbers to serve as
cryptographic keys.

-- 
Robert Krawitz <rlk@tiac.net>           http://www.tiac.net/users/rlk/

Member of the League for Programming Freedom -- mail lpf@uunet.uu.net Tall Clubs International -- tci-request@aptinc.com or 1-800-521-2512