potential changes to random number generation for libgcrypt

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Apr 13 21:20:40 CEST 2018


Hey libgcrypt developers, and debian libgcrypt maintainers--

I've just opened a discussion about random number generation:

    https://dev.gnupg.org/T3894

I'd appreciate any review, as i'm aware that RNGs are very delicate
things, and we want to be conservative and careful with them.  If the
proposal i'm making in this bug report is problematic, i'd like to know!
I think it actually solves problems for users of modern systems, and
acts as an incentive against sketchy behavior that might otherwise
bypass the kernel's own concept of whether it has received sufficent
entropy to start a PRNG.

Feedback very much welcome, either to me privately, on-list here, or on
the ticket.

All the best,

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20180413/b66ace83/attachment.sig>


More information about the Gcrypt-devel mailing list