Random seed for symmetric encryption
Nikolaus Rath
Nikolaus at rath.org
Wed Jan 18 10:13:57 CET 2006
Werner Koch <wk at gnupg.org> writes:
> On Tue, 17 Jan 2006 10:06:18 +0100, Nikolaus Rath said:
>
>> Yes, exactly. About 2 GB in 14000 files.
>
> You are running several concurrent gpg processes?

Hmm. Actually, yes. I didn't notice that until now, but they are up to
4 concurrent processes.

>>> [6] The exact message again (I lost it) that GPG gives you
>>> when the random fails.
>
>> I don't have the exact message here at the moment, but I'm pretty sure
>> that it literally complained about an "empty random seed".
>
> Yes, that may indeed happen. gpg does not take a file lock while
> reading or writing the seed file; thus races may happen. This is
> usually not a severe problem as gpg will detect it and fill up the
> entropy pool from /dev/random in this case.
>
> The solution is to take a file lock; I don't want to do this always
> but I see your problem and maybe a new option can be used to lock
> random-seed access.

Ok, thanks a lot.

Regards,
--Nikolaus
--
More security holes are found in Linux.
More security holes are in Windows.
-- Lutz Donnerhacke
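
The race and the file-lock fix discussed in this thread, as an added sketch that is not GnuPG's code and not part of the original message: each worker reads a seed file and rewrites it, and an exclusive `flock` around the read-and-rewrite keeps any worker from seeing an empty or short seed. The 600-byte seed length, the `seed.bin` file name, the function names, the use of threads in place of separate gpg processes, and `os.urandom` standing in for a refill from /dev/random are all assumptions of this example.

```python
import fcntl, hashlib, os, tempfile
from concurrent.futures import ThreadPoolExecutor

SEED_LEN = 600  # assumed seed size for this sketch, not taken from the thread

def load_and_update_seed(path, locked=True):
    """Read the seed, replace it with a fresh one, return (seed, used_fallback)."""
    fd = os.open(path, os.O_RDWR | os.O_CREAT, 0o600)
    try:
        if locked:
            # Exclusive advisory lock: other lockers block here until we close.
            fcntl.flock(fd, fcntl.LOCK_EX)
        seed = os.read(fd, SEED_LEN)
        used_fallback = len(seed) != SEED_LEN  # empty or short seed file
        if used_fallback:
            # Stand-in for refilling the pool from /dev/random.
            seed = os.urandom(SEED_LEN)
        # Never leave the same seed on disk for the next reader.
        next_seed = hashlib.shake_256(seed + os.urandom(32)).digest(SEED_LEN)
        os.lseek(fd, 0, os.SEEK_SET)
        os.ftruncate(fd, 0)  # without the lock, a reader here sees an empty file
        os.write(fd, next_seed)
        return seed, used_fallback
    finally:
        os.close(fd)  # closing the descriptor also releases the lock

def count_fallbacks(path, workers=4, rounds=200, locked=True):
    """Hammer one seed file from several workers; count empty/short reads."""
    def worker(_):
        return sum(load_and_update_seed(path, locked)[1] for _ in range(rounds))
    with ThreadPoolExecutor(workers) as pool:
        return sum(pool.map(worker, range(workers)))

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "seed.bin")  # constructed test file
    load_and_update_seed(path)  # first run creates the seed via the fallback
    print("fallbacks without lock:", count_fallbacks(path, locked=False))
    print("fallbacks with lock:   ", count_fallbacks(path, locked=True))
```

The unlocked count depends on scheduling and can be zero on a given run; with the lock held across the read and rewrite it is always zero once the file has been seeded.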