Using smartcard as RNG

Hauke Laging mailinglisten at
Sun Apr 14 06:00:45 CEST 2013

Am Sa 13.04.2013, 13:04:31 schrieb Pete Stephenson:

> I did some searching in the archives but wasn't able to see if someone
> else asked this question before. If it's been discussed before and I
> missed it then I apologize in advance

I did (if I did not just dream it). And as even I don't find that (neither via 
Google nor in my MUA) you are completely excused. :-)

> That said, I was curious if it is possible for GPG to use the hardware
> RNG in an OpenPGP smartcard (either the GnuPG-branded one sold by Kernel
> Concepts or ones like the GPF Crypto Stick) as an entropy source for
> non-card-based operations.

I was told then that this was possible but not the solution to all randomness 
problems. Hardware can have defects, and in case of RNGs it is especially 
difficult to be sure that there are no problems. You need know what the 
hardware errors can be in order to be able to search for the right traces in 
the output. Otherwise non-trivial failure of a hardware RNG may keep 

PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20130414/73a3d89f/attachment.sig>

More information about the Gnupg-users mailing list