excessive usage of /dev/random?

Brian Minton brian at minton.name
Tue May 12 16:01:39 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Sat, May 9, 2015 at 8:39 AM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:

> Yeah, and that's its sole feature, that you can say it has "provable
> security". Apart from that it's really slow, awkward, and hard to
> implement. In terms of practical security, it's probably no better
> than a decent HMAC-based PRF, while having all of the above drawbacks.

BBS also needs two large random primes; if you already have two
large primes, you could just use them for the RSA key. To be fair,
though, I am not sure how big the primes need to be for Blum Blum Shub.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iF4EAREIAAYFAlVSB7YACgkQa46zoGXPuqnacQD8CTzFTQfuL0nh3a32E3qsH0Y6
KkkMPxWdwYWfzTxYm8IA/j0oJqRADd8JM4ziO14JmFoskPwp1+oTXG9JwklB5EuT
=ATbt
-----END PGP SIGNATURE-----
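The two points raised in this exchange (BBS needs two Blum primes of RSA size and pays one modular squaring per output bit, while an HMAC-based PRF needs only a key) are easy to see side by side in code. The following is an added example written for this archive page; it is not code from GnuPG or from either poster. It implements the textbook BBS generator, checks the p ≡ q ≡ 3 (mod 4) requirement, and places a counter-mode HMAC-SHA256 PRF next to it for a rough timing comparison. The prime sizes in `benchmark()` are an assumption for the comparison, not a recommendation from the thread.

```python
import hashlib
import hmac
import math
import secrets
import time


def is_probable_prime(n, rounds=40):
    """Miller-Rabin primality test. It never rejects a true prime, so it is
    safe to use inside a prime-generation loop."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # definite composite
    return True


def is_blum_prime(p):
    """BBS requires primes congruent to 3 mod 4 (so squaring permutes the
    quadratic residues mod n and the period argument holds)."""
    return p % 4 == 3 and is_probable_prime(p)


def gen_blum_prime(bits):
    """Random prime of the requested size with p ≡ 3 (mod 4)."""
    while True:
        # top bit forces the size, low two bits force p ≡ 3 (mod 4)
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 3
        if is_probable_prime(p):
            return p


class BBS:
    """Blum Blum Shub: x_{i+1} = x_i^2 mod n, output the low bit of each x_i."""

    def __init__(self, p, q, seed):
        if p == q or not (is_blum_prime(p) and is_blum_prime(q)):
            raise ValueError("BBS needs two distinct Blum primes (p, q ≡ 3 mod 4)")
        self.n = p * q
        if math.gcd(seed, self.n) != 1:
            raise ValueError("seed must be coprime to n")
        self.x = pow(seed, 2, self.n)             # x_0 = s^2 mod n

    def next_bit(self):
        self.x = pow(self.x, 2, self.n)           # one modular squaring per bit
        return self.x & 1

    def bits(self, k):
        return [self.next_bit() for _ in range(k)]

    def bytes(self, k):
        out = bytearray()
        for _ in range(k):
            b = 0
            for _ in range(8):
                b = (b << 1) | self.next_bit()    # MSB first
            out.append(b)
        return bytes(out)


def hmac_prf(key, nbytes):
    """Counter-mode PRF from HMAC-SHA256: the 'decent HMAC-based PRF' of the
    thread. Needs only a secret key, no primes."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:nbytes])


def benchmark(nbytes=1024, bits=512):
    """Time both generators producing nbytes; prime size is an assumption."""
    p, q = gen_blum_prime(bits), gen_blum_prime(bits)
    seed = 2 + secrets.randbelow(p * q - 3)
    while math.gcd(seed, p * q) != 1:
        seed = 2 + secrets.randbelow(p * q - 3)
    t = time.perf_counter()
    BBS(p, q, seed).bytes(nbytes)
    t_bbs = time.perf_counter() - t
    t = time.perf_counter()
    hmac_prf(secrets.token_bytes(32), nbytes)
    t_hmac = time.perf_counter() - t
    return {"bbs_seconds": t_bbs, "hmac_seconds": t_hmac}


if __name__ == "__main__":
    # Classic textbook parameters (constructed input): p=11, q=23, seed=3.
    print(BBS(11, 23, 3).bits(8))
    print(benchmark())
```

Extracting a single bit per squaring is the conservative textbook choice; the security proof allows up to about log2(log2(n)) bits per step, which does not change the picture much: every output byte of BBS costs several full-width modular squarings, whereas the HMAC PRF produces 32 bytes per compression-function pair.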


More information about the Gnupg-devel mailing list