Bug#448775: Uses too much entropy (Debian Bug #343085)
simon at josefsson.org
Fri Jan 4 13:20:17 CET 2008
Werner Koch <wk at gnupg.org> writes:
> On Fri, 4 Jan 2008 10:59, nmav at gnutls.org said:
>> This is mostly a question for libgcrypt developers, but I believe
>> libgcrypt initializes the PRNG in a more conservative way.
> Right, we even implement failsafe methods in case /dev/random does not
> work like expected. In fact we don't know whether /dev/random is a good
> RNG or not. There is no serious study on the quality of /dev/random and
> in the past we have seen major over-estimations on the available
Right, and there are studies that suggest the Linux /dev/random device
Being conservative here is a good thing. However, that does not have to
be in conflict with working efficiently. Using a random seed file would
be one way to address both concerns.