Do not use GnuPG under Mac OS RNG

Werner Koch wk@gnupg.org
Fri Jun 22 15:26:01 2001


 || On Fri, 22 Jun 2001 08:08:50 -0400
 || Gordon Worley <redbird@rbisland.cx> wrote: 

 gw> rndunix doesn't yield anything reasonably random (it's so unrandom
 gw> that just the casual observer can see the patterns), which is why egd
 gw> is being used.  egd passes its self test on OS X and I've had no

rndunix and egd are both using the same methods to collect entropy.
So there is no difference.  It just looks like EGD is better because
its output has gone through SHA-1 hashing.  It is hard to analyze an
RNG and if its output is processed by a hash function (like EGD or
/dev/[u]random) it is impossible to check it just by analyzing the
output.

STOP USING GNUPG UNDER MAC OS X AND REVOKE ALL THE KEYS YOU HAVE
CREATED WITH THIS VERSION.  YOU SHOULD ALSO REVOKE ALL DSA SIGNING
KEYS YOU HAVE USED TO CREATE SIGNATURES WITH THIS VERSION.

DSA will leak key material when used with a bad RNG.
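To illustrate why a weak RNG is fatal for DSA, here is an added toy-sized example (not from Werner's post or from GnuPG): a stand-in "RNG" that returns the same per-signature value k twice, which is enough to solve for k and then for the private key x from two valid signatures. The domain parameters, the private key, the messages and the constant k are all constructed for the demonstration.

```python
# Added example, not GnuPG code: DSA with a repeating nonce k leaks the key.
import hashlib

def is_prime(n):
    if n < 2: return False
    if n % 2 == 0: return n == 2
    i = 3
    while i * i <= n:
        if n % i == 0: return False
        i += 2
    return True

def dsa_params(q_min=10**6):
    """Constructed toy parameters: q prime, p = k*q+1 prime, g of order q mod p."""
    q = q_min
    while not is_prime(q): q += 1
    k = 2
    while not is_prime(k * q + 1): k += 1
    p = k * q + 1
    h = 2
    while pow(h, (p - 1) // q, p) == 1: h += 1
    return p, q, pow(h, (p - 1) // q, p)

P, Q, G = dsa_params()
X = 123457                         # constructed private key, 0 < X < Q
Y = pow(G, X, P)                   # public key

def hq(msg):                       # SHA-1 of the message, reduced mod q
    return int.from_bytes(hashlib.sha1(msg).digest(), "big") % Q

def bad_rng():
    """Stand-in for a broken entropy source: hands out the same k every time."""
    return 424242

def sign(msg, x, rng):
    k = rng()
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (hq(msg) + x * r) % Q
    assert r and s                 # DSA rejects r == 0 or s == 0
    return r, s

def verify(msg, sig, y):
    r, s = sig
    w = pow(s, -1, Q)
    u1, u2 = hq(msg) * w % Q, r * w % Q
    return r == (pow(G, u1, P) * pow(y, u2, P) % P) % Q

def recover_key(m1, sig1, m2, sig2):
    """Same k twice means same r; subtracting the two s values yields k, then x."""
    (r, s1), (_, s2) = sig1, sig2
    k = (hq(m1) - hq(m2)) * pow(s1 - s2, -1, Q) % Q
    return (s1 * k - hq(m1)) * pow(r, -1, Q) % Q
```

Both signatures verify as genuine, yet their identical r value is the visible symptom, and the algebra in recover_key needs nothing but the two public signatures and messages.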


 Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus