Do not use GnuPG under Mac OS RNG

Werner Koch
Mon Jun 25 22:43:02 2001

 || On Sun, 24 Jun 2001 15:50:52 +0200
 || Sebastian Hagedorn <> wrote: 

 sh> understand the issue correctly. This concerns only the generation of
 sh> keys, right? Using keys generated on a different platform is therefore
 sh> safe(r)?

No.  You will always have a weak session key but this is not so
important.  When using any of the DLP algorithms (ElGamal and especially
DSA) you will leak information about the secret key.

 sh> Also, what can be done to fix this? Are there libraries the end user
 sh> could install that gnupg would then use, or is Apple the only party

The solution is simple: Try to figure out good sources of random on
the Mac. I'd start with EGD and analyze the output of the commands it
uses to gather random; I guess that a lot of commands will just fail.
And read at least Peter's paper.

Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus
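
The check suggested in the message (see which gathering commands fail and how much their output actually changes) can be sketched as follows. This is an added example, not part of the original message and not EGD or GnuPG code; the command list and all function names are assumptions made for illustration.

```python
import shutil
import subprocess
import zlib

# Assumed candidate commands, chosen for illustration; not EGD's real list.
CANDIDATES = [["vm_stat"], ["netstat", "-s"], ["ps", "-ax"], ["uptime"]]

def run_command(argv, timeout=5):
    """Return the command's stdout, or None if it is missing or fails."""
    if shutil.which(argv[0]) is None:
        return None
    try:
        proc = subprocess.run(argv, stdout=subprocess.PIPE,
                              stderr=subprocess.DEVNULL, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired):
        return None
    return proc.stdout if proc.returncode == 0 and proc.stdout else None

def fresh_bytes(first, second):
    """Extra compressed bytes needed for `second` once `first` is known.

    A rough ceiling on what the second sample adds, not an entropy
    measurement: structured output can score high and still be guessable.
    """
    base = len(zlib.compress(first, 9))
    both = len(zlib.compress(first + second, 9))
    return max(both - base, 0)

def audit(sources, sampler=run_command):
    """Sample every source twice and classify it as failed/static/varies."""
    report = {}
    for argv in sources:
        a, b = sampler(argv), sampler(argv)
        name = " ".join(argv)
        if a is None or b is None:
            report[name] = ("failed", 0)    # contributes nothing to the pool
        elif a == b:
            report[name] = ("static", 0)    # identical output: predictable
        else:
            report[name] = ("varies", fresh_bytes(a, b))
    return report

if __name__ == "__main__":
    for name, (status, extra) in audit(CANDIDATES).items():
        print(f"{name:12} {status:7} ~{extra} new compressed bytes")
```

Sources reported as failed or static add nothing to the pool, and a "varies" figure is only a ceiling on what that source contributes.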