Uses too much entropy (Debian Bug #343085)

Simon Josefsson simon at josefsson.org
Fri Jan 4 13:35:26 CET 2008


Matthias Urlichs <smurf at smurf.noris.de> writes:

> Hi,
>
> Nikos Mavrogiannopoulos:
>> I don't understand these comments. The libgcrypt's generator can be
>> used in a separate process. It doesn't mean it gathers any entropy
>> except for using /dev/urandom as usual.
>> 
> Ah, thanks for the correction.
>
> In that case, if it's "as usual", why run the daemon in the first place?

I think the daemon is there to help libgcrypt maintain randomness state
between invocations of applications that use randomness from libgcrypt.
Libgcrypt talks with it.  But I haven't used the feature either (it is
experimental) so I don't know for sure.  Cc'ing libgcrypt-devel for
corrections.

> To clarify: I don't have an issue with gnutls eating randomness from the
> pool. The randomness is there to be eaten.
>
> However, reading 3000+ bits every time a server (or client) starts up
> does seem a bit excessive. I seriously doubt that it needs that many.

The 3000+ bits part doesn't seem excessive to me, but I think the
problem is that it is required each time a server or client starts up.
Saving a random seed file would help with this.  Or using the libgcrypt
daemon, if it works as I think it does.

/Simon


