[gnutls-dev] Re: alternative /dev/random

Simon Josefsson jas at extundo.com
Wed Mar 8 17:32:40 CET 2006


FYI, a paper on the flawed /dev/random implementation in Linux.

Are the Debian folks reading this thread?  Perhaps someone could
forward our recommendation (i.e., replace the /dev/random device with
something better, such as Jean-Luc's patch below) to them.  That would
solve the problem that GnuTLS-applications block on /dev/random.

Jean-Luc Cooke <jlcooke at certainkey.com> writes:

> I didn't not write this.  I've given up trying to convince people of the
> problems with the Linux RNG long ago.
>
> http://eprint.iacr.org/2006/086
>
> It's worth mentioning that they said using a simpler RNG would have been
> better than using the RNG we have now.  That's almost insulting.
>
> JLC
>
> ps.  My out-of-date Fortuna RNG page: http://jlcooke.ca/random/
>
> -
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/



