Porting GNUPG
Werner Koch
wk at isil.d.shuttle.de
Mon Sep 14 16:58:08 CEST 1998
Matthew Mastracci <mmastrac at ucalgary.ca> writes:
> - Various system parameters (OS version, CPU type, etc)
> - Name of the computer
> - Name of the user
This is static data which does not chnage and is easy to guess.
> - The previous MD5'd string
This does not add any entropy. You need a hardware source to add more
entropy; a interrupt can be considered as a hardware source. Don't
use the values of the keys the user hist but only the timings.
Mixing is not needed as the core random function already take care of
that. Peter gives good examples how to collect entropy on a DOS box.
Werner
More information about the Gnupg-devel
mailing list