gnutls-devel

Re: [gnutls-dev] Re: alternative /dev/random


From: Nikos Mavrogiannopoulos
Subject: Re: [gnutls-dev] Re: alternative /dev/random
Date: Sat, 11 Mar 2006 13:45:09 +0100
User-agent: KMail/1.9.1

On Sat 11 Mar 2006 13:08, Andreas Metzler wrote:

>   CONFIG_CRYPTO, and "we simply have carefully designed /dev/random
> to minimize its reliance on crypto primitives, since we have so much
> entropy available to us from the hardware. Fortuna, in contrast, has
> the property that if its cryptoprimitives are broken, you might as
> well go home." The general feeling seems to be that the current

I will only comment on that. This statement is totally wrong. If SHA1
fails to provide preimage resistance the random generator of the Linux
kernel is as good as /dev/zero. The only advantage of the Linux
generator until some days ago was that nobody except its author
actually knew how it worked and there were no serious studies about it.
This changed some days ago with the paper that discussed the weaknesses
of /dev/random.

regards,
Nikos
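The dependency Nikos is pointing at (everything a consumer reads from a pool-based generator passes through the hash on the extraction path, so a collapsed hash hides all the entropy that was collected) can be shown with a small model. The following is an added example written for this archive page, not code from the thread, GnuTLS, or the Linux kernel: PoolRNG is a hypothetical toy with a simplified mixing step, `broken_digest` is a constructed stand-in for a primitive that has lost preimage resistance entirely, and the entropy samples are constructed strings.

```python
import hashlib
from typing import Callable

HashFn = Callable[[bytes], bytes]


def sha1_digest(data: bytes) -> bytes:
    """The primitive the extraction path relies on (real SHA-1 from hashlib)."""
    return hashlib.sha1(data).digest()


def broken_digest(data: bytes) -> bytes:
    """Constructed stand-in for a primitive that has failed completely:
    the output no longer depends on the input at all."""
    return bytes(20)


class PoolRNG:
    """Hypothetical pool-based generator used only to illustrate the argument;
    it is not the kernel's algorithm."""

    POOL_BYTES = 64

    def __init__(self, hash_fn: HashFn) -> None:
        self.hash_fn = hash_fn
        self.pool = bytearray(self.POOL_BYTES)
        self.add_ptr = 0

    def add_entropy(self, sample: bytes) -> None:
        """Mix a sample into the pool without touching the hash (xor at a rotating
        offset), so the input side keeps working even when the hash is broken."""
        for b in sample:
            self.pool[self.add_ptr] ^= b
            self.add_ptr = (self.add_ptr + 1) % self.POOL_BYTES

    def extract(self, nbytes: int) -> bytes:
        """Every output byte is hash_fn(pool || counter); the digest is also folded
        back into the pool so consecutive draws differ when the hash works."""
        out = bytearray()
        counter = 0
        while len(out) < nbytes:
            digest = self.hash_fn(bytes(self.pool) + counter.to_bytes(4, "big"))
            out.extend(digest)
            self.add_entropy(digest)
            counter += 1
        return bytes(out[:nbytes])


def entropy_reaches_consumer(hash_fn: HashFn) -> bool:
    """Feed two generators built on hash_fn different (constructed) entropy and
    report whether a consumer can tell them apart from their output."""
    rng_a = PoolRNG(hash_fn)
    rng_b = PoolRNG(hash_fn)
    rng_a.add_entropy(b"constructed sample: interrupt timings 1")
    rng_b.add_entropy(b"constructed sample: interrupt timings 2")
    return rng_a.extract(32) != rng_b.extract(32)


def output_is_constant(hash_fn: HashFn, draws: int = 4) -> bool:
    """True when repeated reads from a well-fed generator all return the same
    bytes, i.e. the device behaves like /dev/zero."""
    rng = PoolRNG(hash_fn)
    rng.add_entropy(b"constructed sample: disk seek timings")
    return len({rng.extract(16) for _ in range(draws)}) == 1


if __name__ == "__main__":
    for name, fn in (("sha1", sha1_digest), ("broken", broken_digest)):
        print(name, "entropy visible:", entropy_reaches_consumer(fn),
              "output constant:", output_is_constant(fn))
```

With the working hash, two pools fed different samples produce different output and repeated reads differ; with the broken hash, both pools yield identical bytes and every read returns the same value, however much entropy the hardware contributed. The mixing step deliberately avoids the hash so that the collapse is attributable to the extraction primitive alone.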
