[gnutls-devel] gnutls_rnd_level_t clarification
nmav at gnutls.org
Fri Jan 6 17:00:26 CET 2017
On Fri, Jan 6, 2017 at 12:05 PM, Max <msuraev at sysmocom.de> wrote:
> Could you help me to clarify the meaning of gnutls_rnd_level_t? There's
> brief description available over at
> but as it's a sensitive topic (misunderstanding might have detrimental
> consequences for security) I'd rather double-check that my understanding is
> GNUTLS_RND_KEY is the "best quality random" from cryptography point of view
> while GNUTLS_RND_NONCE is worst.
Yes. In practice GNUTLS_RND_KEY is a generator based on Yarrow, while
GNUTLS_RND_NONCE is a fast stream cipher (salsa20 if I remember well).
> Am I correct in this? Are there any downsides to always using GNUTLS_RND_KEY
> aside from the risk of depleting OS entropy pool (which
> would be reported by gnutls_rnd() anyway)?
None of them deplete the Linux entropy pool. The nonce generator is
much faster than the key one.
More information about the Gnutls-devel