key generation: paranoia mode - explicit random input
Hauke Laging
mailinglisten at hauke-laging.de
Wed Feb 26 22:07:06 CET 2014
Am Mi 26.02.2014, 08:56:17 schrieb Werner Koch:
> You may first want to read about Libgcrypt/GnuPG RNG. The Libgcrypt
> manual has a section on it.
I had a look at that but I am not sure what you want me to read. Could
you be more precise about that?
One thing came to my mind reading that: It may not be enough to
"redirect" /dev/random as more entropy sources are used. I don't know
though when they are used. Probably not for the generation of asymmetric
and symmetric keys.
It seems to me that in the worst case three different inputs have to be
supplied (for the different quality levels).
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140226/300f49d8/attachment.sig>
More information about the Gnupg-users
mailing list