Bug#448775: Uses too much entropy (Debian Bug #343085)

Werner Koch wk at gnupg.org
Fri Jan 4 14:45:00 CET 2008

On Fri,  4 Jan 2008 13:41, simon at josefsson.org said:

> We could consider doing something like that in gnutls too, to help
> applications avoid having to do it themselves.  However, the
> documentation on UPDATE_SEED seems somewhat discouraging.  I'm not sure

Let's say this description is very conservative and mostly written for
security evaluations.  The "up to 16 bytes of weak random " is not even
correct for Linux because there we will always read 16 bytes from
/dev/urandom and thus the whole theoretical attack won't work.  I'll
revise the description a bit.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gcrypt-devel mailing list