GnuPG PRNG insecure?
Werner Koch
wk at gnupg.org
Fri Feb 8 08:33:01 CET 2002
On Thu, 7 Feb 2002 20:06:03 +0100, Stefan Keller said:
> The problem I see with this is, that previous data in our random
> pool is simply overwritten with new data. If our gathered data is
Thanks Stefan for pointing this out. As Peter already mentioned, this
is not a serious flaw because an attacker is not able to mix data of
his choice in. I fixed it of course.
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus
More information about the Gnupg-devel
mailing list