Do not use GnuPG under Mac OS RNG
Werner Koch
wk@gnupg.org
Wed Jun 27 20:14:01 2001
|| On Wed, 27 Jun 2001 12:33:47 -0400
|| Gordon Worley <redbird@mac.com> wrote:
gw> Anyway, if the case is as I have restated it, egd should be safe on OS
gw> X, correct?
The reason for my warning was that you or someone else mentioned that
there are visible patterns[1] in rndlinux.c but not in EGD. I explained
that both use a very similar way to gather entropy and the only
difference is that EGD postprocesses its output by a hash algorithm
which in turn will make sure that there are no visible patterns.
Werner
[1] A visible pattern does not mean that this must be a bad source of
entropy. EGD/rndlinux.c has just to be adapted to get the right
estimate of entropy which is in it. For example, using network
statistics might give you the same patterns for quite a while but at
one point they will change to another pattern.
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus