excessive usage of /dev/random?
Charles Swiger
cswiger at mac.com
Fri May 1 21:11:22 CEST 2015
On May 1, 2015, at 11:40 AM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
>> I'd suggest looking into Yarrow or Fortuna, which are CSPRNG
>> algorithms intended to be suitable for generating crypto keys.
>
> Yarrow's troublesome to implement, in that it requires accurate
> estimates of available entropy pools and how they refresh.

True. I can recall vigorous debate about tweaking the # of bits
of entropy one could assume from various HW sources on the FreeBSD lists.
They ended up picking conservative estimates since it still provided
a sufficient amount of entropy for Yarrow to supply megabytes per second
from /dev/random. (Except diskless systems, perhaps, since I/O completion
time is usually a major source of entropy, unless a hardware RNG is handy.)

> Fortuna has a simpler design. The Yarrow authors recommend using Fortuna, and one
> of them has declared Yarrow will no longer receive support or updates.

Agreed. I'd love to see Fortuna get adopted more widely; it would make
a worthy project for someone (GSoC?).

Regards,
--
-Chuck