key generation: paranoia mode - explicit random input

Hauke Laging mailinglisten at
Wed Feb 26 22:07:06 CET 2014

Am Mi 26.02.2014, 08:56:17 schrieb Werner Koch:

> You may first want to read about Libgcrypt/GnuPG RNG.  The Libgcrypt
> manual has a section on it.

I had a look at that but I am not sure what you want me to read. Could 
you be more precise about that?

One thing came to my mind reading that: It may not be enough to 
"redirect" /dev/random as more entropy sources are used. I don't know 
though when they are used. Probably not for the generation of asymmetric 
and symmetric keys.

It seems to me that in the worst case three different inputs have to be 
supplied (for the different quality levels).

Crypto für alle:
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140226/300f49d8/attachment.sig>

More information about the Gnupg-users mailing list