mardi 11 juillet 2023

Ubuntu 22.04, python3, ryzen 7950x. From where does os.urandom() get its random bits?

I am running a python 3.11 program on an Ubuntu 22.04 Ryzen 7950x/asus system.
I have discovered that the size of the entropy file is limited to 256 bits.

$cat /proc/sys/kernel/random/entropy_avail

256

I assumed that os.urandom(nbytes) would return nbytes * 8 bits of entropy from /dev/random. However this does not seem to be the case. I have written a loop to empty the 256 bytes of entropy bits and keep it empty for a while, during which time I monitor the entropy in /dev/random. However the entropy pool does not seem to ever empty or even change its size.

for i in range(1000000000):
  b = os.urandom(32)

So I am under the impression that on this system, the os.urandom() function retrieves random bytes by some other means. A few questions come to mind:

  • Is the os.urandom() function supposed to return all the bits specified from /dev/random?

  • If not, does it just use a fraction of the entropy bits in /dev/random to generate a random set of bits which it returns? If so, what is that fraction?

  • If not, where does os.urandom() get its random bits?

Can anyone shed some light on this?




Aucun commentaire:

Enregistrer un commentaire