excessive usage of /dev/random?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat May 2 00:45:12 CEST 2015
Werner Koch <wk at gnupg.org> writes:
>300 bytes are only 2400 bit which is sufficient for a 2048 bit RSA key. For a
>4096 bit RSA key, which many people started to use, this is not sufficient.
It should be plenty. Cryptographic numerology (http://www.keylength.com/)
tells us that a 2048-bit RSA key needs about 103 bits of entropy, and a 4096
bit key needs about 142 bits (with a bit of variation depending on whose
numerology you're using). So take 150 bits of RNG output, feed it into a PRF,
and you're done.
Peter.
More information about the Gnupg-devel
mailing list