On Sun, Sep 7, 2014 at 2:01 PM, Kent Borg <[email protected]> wrote: >> Generating two 2kbit primes will consume a *lot* of entropy from >> /dev/random, because each random candidate-prime must be tested by hundreds >> of random 'witness' numbers (potentially upto 1kbit in size). > > > Oops.
Yup. Generating large crypto-grade random primes is not something you want to do frequently (as in, during a connection/transmission protocol). They should last years, and are used to protect just-big-enough temporary keys that use entropy VERY efficiently. But as frequently as you attend a PGP/GPG key-signing, bit efficiency is rather less relevant than gas mileage to get there. -- Bill Ricker [email protected] https://www.linkedin.com/in/n1vux _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
