On Sun, Sep 7, 2014 at 2:01 PM, Kent Borg <[email protected]> wrote:
>> Generating two 2kbit primes will consume a *lot* of entropy from
>> /dev/random, because each random candidate-prime must be tested by hundreds
>> of random 'witness' numbers (potentially upto 1kbit in size).
>
>
> Oops.

Yup. Generating large crypto-grade random primes is not something you
want to do frequently (as in, during a connection/transmission
protocol).  They should last years, and are used to protect
just-big-enough temporary keys that use entropy VERY efficiently.

But as frequently as you attend a PGP/GPG key-signing, bit efficiency
is rather less relevant than gas mileage to get there.


-- 
Bill Ricker
[email protected]
https://www.linkedin.com/in/n1vux
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss

Reply via email to