key generation: paranoia mode - explicit random input
Hauke Laging
mailinglisten at hauke-laging.de
Fri Feb 28 15:42:29 CET 2014
Am Do 27.02.2014, 08:38:37 schrieb Michael Anders:
> If a private key has been accessed on a system some adversary might
> have had a chance to tamper with(e.g. with the PRNG or generally if
> it is an NSA friendly OS connected to the web ;-) , there could have
> been a keylogger in place and security of the key is gone.
I am talking about a szenario in which everything which can be
reasonably done already has been done. I am not talking about "Here's my
system at which I click on every link I see. How can I make GnuPG more
secure?".
I.e. we are talking about offline systems here (yeah, I remember the
discussion about USB sticks being dangerous...) thus a keylogger would
not be a problem.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140228/5a86b965/attachment-0001.sig>
More information about the Gnupg-users
mailing list