Am Dienstag, 26. November 2013, 10:56:30 schrieb Sandy Harris: Hi,
> On Mon, Nov 25, 2013 at 6:46 PM, coderman <coder...@gmail.com> wrote: > > On Sun, Nov 24, 2013 at 2:04 PM, Fabio Pietrosanti (naif) > > > > <li...@infosecurity.ch> wrote: > >> ... > >> i found such a very nice piece of software that's said to provide added > >> entropy using HAVEGE algorithm: > >> http://www.issihosts.com/haveged/ > >> http://www.irisa.fr/caps/projects/hipsor/ > >> > >> Any opinion on the usefulness of that kind of tool as an additional > >> entropy source for crypto operations on a Linux system? > > > > do it yesterday! i have been using this (haveged) for many years, in > > addition to physical entropy sources, and it is very much a useful > > addition to host entropy sources. > > Yes. > > See here for another one, possibly more suitable on very limited > systems like phones or routers, and a PDF that discusses several > others including Havege. > ftp://ftp.cs.sjtu.edu.cn:990/sandy/maxwell/ The only challenge that I see with Havege is that the algorithm is quite complex and that the description does not fully explain why and where the entropy comes from. Looking into the source code of oneiteration.h, the code is also not fully clear. Considering the grilling I get with a similar RNG that I ask to be used as a seed source for /dev/random or other crypto libs (see thread http://lkml.org/lkml/2013/10/11/582), I would have concerns on the algorithm. Ciao Stephan -- | Cui bono? | _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography