[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] Re: Feature request: not really random session keys
From: |
Werner Koch |
Subject: |
Re: [gnutls-dev] Re: Feature request: not really random session keys |
Date: |
Tue, 31 Jan 2006 10:29:12 +0100 |
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/21.4 (gnu/linux) |
On Mon, 30 Jan 2006 17:51:01 +0100, Simon Josefsson said:
> Should we write a simple daemon 'grngd', based on libgcrypt, and start
> to use it? That should be simple. It should likely register two
I already talked about this. The problem is that we can't be sure
that no traces of the random bytes are left in internal kernel
buffers.
That won't be a problem for me if it is about session keys but for
long term keys I'd hesitate to use an IPC mechanism to get the key
material to the application.
All what is actually needed is to make sure that Libgcrypts saves and
restores its own random pool realiable without producing random zero
length files (which is easy to fix). And not using
GCRY_VERY_STRONG_RANDOM.
Shalom-Salam,
Werner
- Re: [gnutls-dev] Feature request: not really random session keys, (continued)
- Re: [gnutls-dev] Feature request: not really random session keys, Nikos Mavrogiannopoulos, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Florian Weimer, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Nikos Mavrogiannopoulos, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Florian Weimer, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Nikos Mavrogiannopoulos, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Andreas Metzler, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Werner Koch, 2006/01/30
- Re: [gnutls-dev] Feature request: not really random session keys, Florian Weimer, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
- Re: [gnutls-dev] Re: Feature request: not really random session keys,
Werner Koch <=
- Re: [gnutls-dev] Feature request: not really random session keys, Werner Koch, 2006/01/31
Re: [gnutls-dev] Feature request: not really random session keys, Florian Weimer, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Florian Weimer, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Florian Weimer, 2006/01/30
- [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
- Re: [gnutls-dev] Re: Feature request: not really random session keys, Werner Koch, 2006/01/31