Using smartcard as RNG
mailinglisten at hauke-laging.de
Sun Apr 14 06:00:45 CEST 2013
Am Sa 13.04.2013, 13:04:31 schrieb Pete Stephenson:
> I did some searching in the archives but wasn't able to see if someone
> else asked this question before. If it's been discussed before and I
> missed it then I apologize in advance
I did (if I did not just dream it). And as even I don't find that (neither via
Google nor in my MUA) you are completely excused. :-)
> That said, I was curious if it is possible for GPG to use the hardware
> RNG in an OpenPGP smartcard (either the GnuPG-branded one sold by Kernel
> Concepts or ones like the GPF Crypto Stick) as an entropy source for
> non-card-based operations.
I was told then that this was possible but not the solution to all randomness
problems. Hardware can have defects, and in case of RNGs it is especially
difficult to be sure that there are no problems. You need know what the
hardware errors can be in order to be able to search for the right traces in
the output. Otherwise non-trivial failure of a hardware RNG may keep
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 572 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users