[gnutls-dev] Feature request: not really random session keys

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Wed Jan 18 14:26:15 CET 2006


> I would like to see an additional API which allows code to degrade
> session key randomness to a mere PRNG (i.e. /dev/urandom instead of
> /dev/random).  In a theoretical sense, this sacrifices Perfect Forward
> Secrecy

This is not really true. Only if you consider the /dev/urandom algorithms
and the libgcrypt PRNG broken.

regards,
Nikos



More information about the Gnutls-dev mailing list