Do not use GnuPG under Mac OS RNG

Werner Koch
Wed Jun 27 20:14:01 2001

 || On Wed, 27 Jun 2001 12:33:47 -0400
 || Gordon Worley <> wrote: 

 gw> Anyway, if the case is as I have restated it, egd should be safe on OS
 gw> X, correct?

The reason for my warning was that you or someone else mentioned that
there are visible patterns[1] in rndlinux.c but not in EGD.  I explained
that both use a very similar way to gather entropy and the only
difference is that EGD postprocesses its output by a hash algorithm
which in turn will make sure that there are no visible patterns.


[1] A visible pattern does not mean that this must be a bad source of
entropy. EGD/rndlinux.c has just to be adapted to get the right
estimate of entropy which is in it.  For example, using network
statistics might give you the same patterns for quite a while but at
one point they will change to another pattern. 

Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus