[gnutls-dev] Re: Feature request: not really random session keys
Simon Josefsson
jas at extundo.com
Wed Jan 18 14:03:44 CET 2006
Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
> On 1/18/06, Florian Weimer <fw at deneb.enyo.de> wrote:
>> Okay, the subject line might be a bit misleading. On server machines,
>> random bits are a very scarce ressource, and you cannot really afford
>> to throw them a way at a rate of a few kbps. Yet if you run certain
>> network servers (or clients) with GNUTLS, this is what happens -- and
>> these servers stall from time to time, waiting for more randomness.
>> I would like to see an additional API which allows code to degrade
>> session key randomness to a mere PRNG (i.e. /dev/urandom instead of
>> /dev/random). In a theoretical sense, this sacrifices Perfect Forward
>> Secrecy, but for some applications (MTAs, for example) this is not
>> such a relevant issue anyway.
>
> Well, gnutls shouldn't use /dev/random on normal server use. For example if
> you use only TLS /dev/random shouldn't be accessed. Only if you generate
> private keys (or RSA parameters) /dev/random will be used.
Perhaps someone with this problem could debug exactly what is
accessing /dev/random? Perhaps libgcrypt does it internally for some
reason.
More information about the Gnutls-devel
mailing list