differences between random and urandom

Question

I\'m trying to find out the differences between /dev/random and /dev/urandom files

1. What are the differences between /dev/random

Answer 1

Using /dev/random may require waiting for the result as it uses so-called entropy pool, where random data may not be available at the moment.

/dev/urandom returns as many bytes as user requested and thus it is less random than /dev/random.

As can be read from the man page:

random

When read, the /dev/random device will only return random bytes within the estimated number of bits of noise in the entropy pool. /dev/random should be suitable for uses that need very high quality randomness such as one-time pad or key generation. When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered.

urandom

A read from the /dev/urandom device will not block waiting for more entropy. As a result, if there is not sufficient entropy in the entropy pool, the returned values are theoretically vulnerable to a cryptographic attack on the algorithms used by the driver. Knowledge of how to do this is not available in the current unclassified literature, but it is theoretically possible that such an attack may exist. If this is a concern in your application, use /dev/random instead.

For cryptographic purposes you should really use /dev/random because of nature of data it returns. Possible waiting should be considered as acceptable tradeoff for the sake of security, IMO.

When you need random data fast, you should use /dev/urandom of course.

Source: Wikipedia page, man page