On Feb 18, 2012, at 11:37 AM, Jeffrey I. Schiller wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/18/2012 01:50 PM, Thor Lancelot Simon wrote:
>> Um, why would it ever _unblock_, on such a device under typical
>> first-boot conditions?
>
> The idea would be that bootstrap would continue without the key being
> generated. The key generation could then be retried periodically.
> Eventually the device should gather some entropy from network packet
> arrival time and similar environmental input (whether or not that input,
> particularly in the VM environment, is providing really good entropy is
> a different question).

Really? Many cryptographers would say that the number of unpredictable bits is very much a part of the question. For example, you cannot prove that the duplicate keys found were generated when the PRNG of the system was uninitialized: it's quite possible that they were generated when the PRNG was initialized with the same inputs.

--Paul Hoffman
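The following is an added example, not part of the original thread or any poster's code: it sketches the deferred key generation with periodic retry that the quoted message describes, and then the case raised in the reply, where a generator that has been seeded (and so no longer blocks) still yields duplicate keys because two devices pooled the same inputs. The function names, the constructed entropy source, the sample boot inputs, and the use of SHA-256 as a stand-in for a seeded PRNG are all assumptions made for illustration.

```python
import hashlib
import os
import time

KEY_BYTES = 32

def kernel_entropy(n):
    # Linux getrandom(2) in non-blocking mode: raises BlockingIOError
    # until the kernel pool has been initialized.
    return os.getrandom(n, os.GRND_NONBLOCK)

def generate_key_with_retry(source=kernel_entropy, attempts=10,
                            delay=1.0, sleep=time.sleep):
    # Boot carries on without a key; generation is retried periodically.
    # Returns (key, polls_used), or (None, attempts) if never ready.
    for poll in range(1, attempts + 1):
        try:
            return source(KEY_BYTES), poll
        except BlockingIOError:
            sleep(delay)
    return None, attempts

def constructed_source(not_ready_polls):
    # Constructed stand-in for a first-boot device whose pool is
    # uninitialized for the first few polls.
    remaining = [not_ready_polls]
    def source(n):
        if remaining[0] > 0:
            remaining[0] -= 1
            raise BlockingIOError("entropy pool not initialized")
        return os.urandom(n)
    return source

def seeded_key(boot_inputs):
    # Toy deterministic generator (assumption: SHA-256 over the pooled
    # inputs stands in for a PRNG seeded once at boot).
    pool = hashlib.sha256()
    for item in boot_inputs:
        pool.update(len(item).to_bytes(4, "big") + item)
    return pool.digest()

if __name__ == "__main__":
    key, polls = generate_key_with_retry(constructed_source(3), delay=0)
    print("key ready after", polls, "polls")
    # Constructed inputs: two devices of one model booting the same image.
    device_a = [b"model-x", b"uptime=4", b"pkt@1000"]
    device_b = [b"model-x", b"uptime=4", b"pkt@1000"]
    print("duplicate keys:", seeded_key(device_a) == seeded_key(device_b))
```

The retry loop only answers whether the source has stopped blocking; the second half shows why that is not the same as the inputs carrying enough unpredictable bits.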
