bug#240: random_seed file = SECURITY BUG
Werner Koch
wk@gnupg.org
Thu, 17 Aug 2000 12:37:34 +0200
On Thu, 17 Aug 2000, Paul Rubin wrote:
> No he can't. GPG and my login script are write protected. But the
> random_seed file has to be world writeable or else my cgi script can't
> update it (since the cgi script runs as "nobody"). So the random_seed
Okay. I see the problem.
> Therefore there should be a configuration option that turns off
> random_seed, if the user feels that the environment can support using
Ohhh, I forgot that there is one:
--no-random-seed-file
> pseudo-random entropy good enough for high security applications.
> So gpg should also not use pseudo-entropy if real entropy is available.
The border between pseudo-entropy and real entropy is quite thin; the
output generated by the Linux /dev/random is quite good for a
deterministic machine but it is far away from real entropy.
> Also, many computers (Pentium III with the newer chip sets) have
> hardware RNGs now, so if the /dev/random driver is updated to use the
I have some doubts that this RNG can deliver enough random for a big
server. It is an analog device and according to the Intel specs it
may fail from time to time, which is the reason that you have to do
some lengthy quality checks at startup; and I think you should do
them from time to time on a never-to-be-restarted server.
Nobody wants to use this device alone for producing high quality
random.
Werner
--
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de
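The situation above (a random_seed file that other accounts can write to, and the --no-random-seed-file option as the way out) can be turned into a small check. The script below is an added example, not code from this thread or from GnuPG: it reads the seed file's owner and permission bits and decides whether gpg should be told to ignore the file. The path ~/.gnupg/random_seed (overridable through GNUPGHOME) is the conventional location and is assumed here; --no-random-seed-file is the option Werner names.

```shell
#!/bin/sh
# Added example (not from the thread or from GnuPG): decide whether gpg may
# safely reuse its random_seed file. A seed file that another account can
# write to can be tampered with, so in that case gpg should be run with
# --no-random-seed-file (the option named in Werner's reply).

# seed_file_is_unsafe FILE
# Succeeds (exit 0) when FILE exists and is either owned by a different
# account or writable by its group or by everyone. Owner and permission
# bits are taken from `ls -ld` so the check works on both GNU and BSD
# userlands, whose stat(1) flags differ.
seed_file_is_unsafe() {
    f=$1
    [ -e "$f" ] || return 1                       # no file: nothing to tamper with
    line=$(ls -ld -- "$f")
    perm=$(printf '%s\n' "$line" | cut -c1-10)    # e.g. -rw-rw-rw-
    owner=$(printf '%s\n' "$line" | awk '{print $3}')
    [ "$owner" = "$(id -un)" ] || return 0        # controlled by someone else
    case $perm in
        ?????w*)    return 0 ;;                   # group write bit (column 6)
        ????????w?) return 0 ;;                   # other write bit (column 9)
    esac
    return 1
}

# gpg_seed_options FILE
# Prints the extra gpg option to use for FILE: --no-random-seed-file when
# the seed could have been tampered with, nothing when the file is private.
gpg_seed_options() {
    if seed_file_is_unsafe "$1"; then
        printf '%s\n' --no-random-seed-file
    fi
}

# Stand-alone usage: inspect the current user's seed file (assumed location).
seed_file="${GNUPGHOME:-${HOME:-/nonexistent}/.gnupg}/random_seed"
if seed_file_is_unsafe "$seed_file"; then
    printf '%s is writable by other accounts; invoke gpg with %s\n' \
        "$seed_file" "$(gpg_seed_options "$seed_file")"
else
    printf '%s is private (or absent); gpg may keep using it\n' "$seed_file"
fi
```

The check reports a seed file as unsafe on mode alone; it says nothing about whether the seed contents are good, only whether someone other than the gpg user could have chosen them.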