howto secure older keys after the recent attacks
faramir.cl at gmail.com
Sun Sep 13 04:02:35 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
David Shaw escribió:
>> So my question is basically,..
>> If gpg would use this,... does it only improve the already existing
>> entropy and randomness of the kernel PRNG? I mean that gpg somehow
>> "merges" the different sources?
>> Or is it more or less a,.. either use the kernel PRNG or the hardware
> The kernel merges several sources of entropy into the /dev/random pool.
> The entropy key would just be another source (though a very prolific
> source) of entropy.
I remember an example from one of the Bruce Schneier book, where 2
people (Alice and Bob, of course) wanted to get a random bit. They
thought about each one flipping a coin, and then mixing the results. And
Bob said "what if one of us don't do it randomly", and Alice said as
long as one of the results was truly random, the final result would be
random. So I suppose as long as the entropy generator output is mixed
with other sources of entropy, it can't lower the quality of the final
entropy. But of course, maybe I didn't understand it right.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Gnupg-users