Entropy Sourse in Win2K (Re: Compile gnuog 1.0.7 in Win2000)

Ryan Malayter rmalayter@bai.org
Wed Aug 7 19:16:02 2002

Windows does have a good system source for entropy in CryptoAPI, with a
fast/slow pool much like the Yarrow generator designed by Counterpane.
However, the RNG sections of CryptoAPI are closed source, vaguely
documented, and therefore not used by GnuPG.=20

As Werner mentioned in a pervious message on this list, the default
GnuPG file-based system (with interrupts and performance counters as
entropy sources) works just fine on Windows, and is known to be fairly
secure, so why switch to something else?

:::Ryan Malayter
:::Sr. Network & Database Administrator
:::Bank Administration Institute
:::Chicago, Illinois, USA
:::PGP Key: http://www.malayter.com/pgp-public.txt

-----Original Message-----
From: Alec Clews [mailto:alec.clews@merant.com]=20
Sent: Wednesday, August 07, 2002 6:18 AM
To: gnupg-users
Subject: Entropy Sourse in Win2K (Re: Compile gnuog 1.0.7 in Win2000)

disastry@saiknes.lv wrote:

> (IIRC "--enable-static-rnd=3Degd" is very bad idea (on windows))

I'm confused

 From the web site I understood that Windows did not have a good source=20
fo entropy and that egd would be a good choice. However gpg says that=20
it's insecure. What should I be doing? (I build under Cygwin)


Alec Clews, <alec.clews at merant.com>,      Consultant, Merant,
Voice +61-(3)9522-4441 Fax   +61-(3)8621-6920        http://merant.com/

Gnupg-users mailing list