key generation: paranoia mode - explicit random input

Peter Lebbing peter at digitalbrains.com
Fri Feb 28 11:38:20 CET 2014


Your system bears similarities to deterministic compilation, where you build a
binary on different systems and compare the results.

There is a defining difference though. With deterministic compilation, the built
binary is the end goal. When one of the systems it builds on is trustworthy, and
all copies are the same, the binary is the one that you want and will use. Your
product is okay. You don't care about the machines it was built on.

With your scheme, the public key or the signed message are not the end goal. The
end goal is the secrecy of the private components. You do care about all the
systems it was built on, because they still have your private key.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


