Some signature methods require this, some do not. RSA should not (in general) but RSA encryption in practice may. Signing is different, in that you know both halves (encrypted and cleartext) so it should not require padding.
I think DSA does require randomness in signing. --Michael On May 10, 2012, at 2:41 PM, Alexander Gurvitz wrote: > Hello all. > > What random device used for ? > ARM says "Entropy is primarily needed for DNSSEC operations, > such as ... dynamic update of signed zones". I don't get why signing a zone > requires any randomness. > > This bothers me as I'm implementing DNSSEC now, and I know that my systems > are low at entropy, and BIND default random-device is /dev/random, > and it (the device) blocks when there's no entropy available. > > Does BIND really needs that entropy, and how much ? > > Regards, > Alexander Gurvitz, > net-me.net > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
