Random seed for symetric encryption

Nikolaus Rath Nikolaus at rath.org
Wed Jan 18 10:13:57 CET 2006

Werner Koch <wk at gnupg.org> writes:

> On Tue, 17 Jan 2006 10:06:18 +0100, Nikolaus Rath said:
>> Yes, exactly. About 2 GB in 14000 files.
> You are running several concurrent gpg processes?

Hmm. Actually, yes. I didn't notice that until now, but they are up to
4 concurrent processes.

>>> [6] The exact message again (I lost it) that GPG gives you
>>> when the random fails.
>> I don't have the exact message here at the moment, but I'm pretty sure
>> that it literally complained about an "empty random seed". 
> Yes, that may indeed happen.  gpg does not take a file lock while
> reading or writing the seed file; thus races may happen.  This is
> usually not a severe problem as gpg will detect it and fill up the
> entropy pool from /dev/random in this case.
> The solution is to take a file lock; I don't want to do this always
> but I see your problem and may be a new option can be used to lock
> reandom-seed access.

Ok, thanks a lot.



In Linux werden mehr Sicherheitslücken gefunden.
In Windows sind mehr Sicherheitslücken drin.
                                    -- Lutz Donnerhacke

More information about the Gnupg-users mailing list