zack at rabi.columbia.edu
Mon Sep 14 09:11:25 CEST 1998
On Mon, 14 Sep 1998 09:00:43 +0200, Werner Koch wrote:
>"Paul D. Smith" <psmith at BayNetworks.COM> writes:
>> Isn't the method PGP uses to generate random numbers sufficiently strong
>> for the purposes of GnuPG too? Is there some reason that method hasn't
>> been implemented, except for 'tuits?
>Measurement of key hit timings is not easy on a unix box and less
>secure than what you can do under DOS. The Linux random number
>generator is much better as a source for random number. In addition
>to this GNUPG implements all requirements from RFC1750.
As far as I know no commercial Unix has a /dev/random. How does GPG
generate random numbers on those systems?
More information about the Gnupg-devel