Uses too much entropy (Debian Bug #343085)

Andreas Metzler ametzler at downhill.at.eu.org
Sat Jan 5 13:09:38 CET 2008


On 2008-01-04 Simon Josefsson <simon at josefsson.org> wrote:
> Andreas Metzler <ametzler at downhill.at.eu.org> writes:
[...]
>> testing with a exim linked against OpenSSL I get *slightly* less
>> entropy usage (235 vs 289 bits in the first testrun) when connecting
>> with swaks (perl/OpenSSL).

> For my curiosity, what are those numbers if you run gnutls with a
> NORMAL:%COMPAT priority?

Sorry, I have no go these numbers a hand, since exim is not using
gnutls_priority_init() yet.

> Cipher padding needs one byte of randomness
> for every encrypted packet, disabling padding may thus reduce the
> randomness needed further.  This assumes you actually sent some data
> back and forward, I don't whether you did.
[...]

I just sent QUIT over the encrypted channel.

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'





More information about the Gnutls-devel mailing list