(Failed again to answer to list. I really ought to replace this shortcut...)
On Fri, Nov 08, 2013 at 12:11:38AM +0100, Johannes Zarl wrote: > Hi, > > I'm currently thinking about using a raspberry pi as a non-networked stand- > alone system for signing keys. Since I haven't heard anything to the contrary, > I'm pretty sure that entropy is relatively scarce on the pi. I heard haveged is quite good at gathering entropy from anywhere it can (processor cycles, etc.) > How is GnuPG affected by such a low-entropy system? Will operations just take > a bit longer, or can this affect the quality/security of generated keys or > signatures? > > I heard that low entropy or a bad entropy source is generall less of a problem > for RSA. Is this true? Does this affect me in practice? In theory, if /dev/random is configured to allow only random enough data to pass, it should just mean operations would just take longer. However, I am not absolutely sure of this -- but I know in theory /dev/random ensures some minimum entropy, thus sometimes blocking reads. Cheers & HTH, Leo _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
