
The GNU Privacy Guard manual pages have this to say about using the gpg --gen-random 0|1|2 count command:

Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don’t use this command unless you know what you are doing; it may remove precious entropy from the system!

I am wondering what the "quality level" means. Is 2 "better" (i.e. more random) than 0? How much "more random" is one level over another?

BACKGROUND: I came across this command in an article in Linux Journal that illustrated using gpg's --gen-random command to generate a random password. I want to have as random a password as possible, so I want to know what "quality level" is best for this purpose.

camercu

1 Answer


This is a really hard question to answer. The definitive answer can only be found in the source code of gpg. However, I can still answer your question using a mail I found (from 2013, details may have changed).

Is 2 "better" (i.e. more random) than 0?

Yes, 2 is "better" than 0 and 1. As per the linked mail, the quality level determines the number of bytes being read from /dev/urandom and /dev/random for answering the query.

As it appears in the mail, 0 and 1 are actually the same (this may have changed by now) and gpg will just answer your query with the requested amount of fresh bytes from /dev/urandom.

2, however, is different. It uses /dev/random, meaning you have higher guarantees concerning the quality and entropy of the output (as you may have to wait some time, whether this trade-off is actually worth it is another question). And, more importantly, it requests significantly more bytes from /dev/random than you query, namely nearly 19x as many, and post-processes them somehow. So the entropy of the result is high even if /dev/random doesn't provide you with high-quality random bytes.

SEJPM
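The question's actual goal is a random password, so the following added example (not part of the question, the answer, or GnuPG itself) shows the part the quality level does not change: turning random bytes into password symbols without bias and working out how many symbols a given entropy target needs. The default byte source is os.urandom, the kernel CSPRNG that, per the answer, gpg reads for levels 0 and 1; an optional helper invokes the gpg --gen-random LEVEL COUNT command from the question and assumes gpg is on PATH. The alphabet is a constructed choice of 64 symbols.

```python
import math
import os
import shutil
import subprocess

# Constructed password alphabet: 64 symbols, so each accepted byte yields exactly 6 bits.
ALPHABET = ("abcdefghijklmnopqrstuvwxyz"
            "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "0123456789-_")


def password_entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy (bits) of a password of `length` symbols drawn uniformly from `alphabet_size`."""
    return length * math.log2(alphabet_size)


def length_for_entropy(target_bits: float, alphabet_size: int = len(ALPHABET)) -> int:
    """Smallest length whose uniformly drawn password carries at least `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def password_from_bytes(raw: bytes, length: int, alphabet: str = ALPHABET) -> str:
    """Map raw random bytes onto `alphabet` without modulo bias.

    A byte is accepted only if it is below the largest multiple of len(alphabet)
    that fits in 0..255; the rest are discarded (rejection sampling). For the
    64-symbol default every byte is accepted. Returns at most `length` symbols;
    the caller tops up if bytes were rejected.
    """
    n = len(alphabet)
    limit = 256 - (256 % n)
    chars = [alphabet[b % n] for b in raw if b < limit]
    return "".join(chars[:length])


def generate_password(length: int, source=os.urandom, alphabet: str = ALPHABET) -> str:
    """Build a password of `length` symbols from `source(n) -> n random bytes`.

    The default source, os.urandom, is the kernel CSPRNG (/dev/urandom on Linux),
    the same source the answer says gpg uses for quality levels 0 and 1.
    """
    password = ""
    while len(password) < length:
        needed = length - len(password)
        password += password_from_bytes(source(needed), needed, alphabet)
    return password


def gpg_random_bytes(level: int, count: int) -> bytes:
    """Fetch `count` raw bytes via the command from the question: gpg --gen-random LEVEL COUNT.

    Assumes gpg is on PATH. Level 2 reads /dev/random and may block until the
    kernel has gathered entropy, as the answer notes.
    """
    if level not in (0, 1, 2):
        raise ValueError("quality level must be 0, 1 or 2")
    if shutil.which("gpg") is None:
        raise RuntimeError("gpg is not installed")
    result = subprocess.run(["gpg", "--gen-random", str(level), str(count)],
                            check=True, capture_output=True)
    return result.stdout


if __name__ == "__main__":
    target = 128
    n = length_for_entropy(target)
    print(f"{n} symbols from a {len(ALPHABET)}-symbol alphabet give "
          f"{password_entropy_bits(n):.0f} bits")
    print("os.urandom :", generate_password(n))
    try:
        gpg_source = lambda count: gpg_random_bytes(1, count)
        print("gpg level 1:", generate_password(n, source=gpg_source))
    except RuntimeError as exc:
        print("gpg skipped:", exc)
```

Whichever byte source is used, the entropy of the resulting password is bounded by the length and alphabet size computed here, never more; the quality level only changes which device gpg draws those bytes from. The rejection step matters for alphabets whose size does not divide 256, where a plain `byte % n` would favour the first few symbols.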