[Help-gnutls] Alternate random device for certtool
Nikos Mavrogiannopoulos
nmav at gnutls.org
Thu Dec 4 19:52:33 CET 2008
Werner Koch wrote:
> On Sat, 29 Nov 2008 09:21, nmav at gnutls.org said:
>
>> I upgraded to gcrypt 1.4.4 and I notice the same delay, and strace shows
>> that /dev/random is being used even with this flag.
>
> What you do in certtool is to call
>
> if (info.quick_random != 0)
>     gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
[...]
> you see the flag can't be set in this case. What you need to do is
> to set this flag during initialization: that is, after a first call to
> gcry_check_version. This is how it is done by the libgcrypt regression
> tests.
> Anyway, using this flag is strongly discouraged. It is only useful for
> testing. gpg, for example, refuses to use a key if the random number
> generator is in this mode and the User ID of the key is not flagged as
> insecure. That is a bit paranoid, but older versions of libgcrypt did
> not even use a strong RNG in the quick mode.
Why is this? As far as I understand, the only difference was that it uses
/dev/urandom instead of /dev/random.
> If you want to use not-so-strong keys, you had better use the transient-key
> feature available since 1.4.2:
>
> @item transient-key
> This is only meaningful for RSA keys. This is a flag with no value. If
> given, the RSA key is created using a faster and somewhat less secure
> random number generator. This flag may be used for keys which are only
> used for a short time and do not require full cryptographic strength.
Is this stronger than using /dev/urandom?
regards,
Nikos