> I at least have a plan to add additional data, but probably not in > the current idea was probably not the way you would like to see it.
:-) > My idea was to query at least various sources that we don't > attribute any entropy to, like getpid(), gettimeofday(), > clock_gettime(), the TSC, ... >From my point of view – adding these doesn’t add a whole lot, but it doesn’t >hurt. IMHO – add away. ;-) > It might also use things like RDRAND / RDSEED which we don't trust. Some don’t trust these, some think that they would add a good amount of entropy. I for one would certainly like to see the output of these mixed in. >From cryptography point of view, it cannot hurt, but may help a lot. Consider it as a lottery ticket you don’t have to pay for. ;-) > So I guess you want an interface that can both add things to the > "entropy" pool, and to the "additional data" pool? That is correct. Especially because some of us have “real” nice/fancy hardware RNG (TRNG) available, and some like to mix in the output from RNGs on hardware tokens - maybe not as impressive as a “real” fancy TRNG, but as they say, every bit helps – in this case literally. > It shouldn't be that hard, I'll try to come up with some proposal soon. Thank you!!
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev