Re: [PATCH 0/2] Generate temporary files using a CSPRNG
From: Jeff King <hidden>
Date: 2021-11-16 15:44:36
On Tue, Nov 16, 2021 at 03:35:40AM +0000, brian m. carlson wrote:
For those who are interested, I computed the probability of spurious failure for the self-test mode like so: 256 * (255/256)^65536 This Ruby one-liner estimates the probability at approximately 10^-108: ruby -e 'a = 255 ** 65536; b = 256 ** 65536; puts b.to_s.length - a.to_s.length - 3' If I have made an error in the calculation, please do feel free to point it out.
Yes, I think your math is correct there. A more interesting question is whether generating 64k of PRNG bytes per test run is going to a problem for system entropy pools. For that matter, I guess the use of it for tempfiles will produce a similar burden, since we run so many commands. My understanding is that modern systems will just produce infinite output for /dev/urandom, etc, but I wonder if there are any systems left where that is not true (because they have a misguided notion that they need to stir in more "real" entropy bits). -Peff