On 21/11/16 11:04, Peter Lebbing wrote: >>> >> rather trust GnuPG's random number generator than the one on a cheap >>> >> smartcard >>> >> (or any smartcard for that matter). So I would recommend to not use the >>> >> on-card >>> >> key generation feature anyway. >> > >> > That's quite an interesting point that I have not thought about. Do >> > you have any references to the papers that I can read on this subject? > No, but I remember Werner Koch saying he'd rather not use the on-card > RNG. I tried to find this, but the best I could find was his statement > that you don't want regular DSA on smartcard[1]. As I understand it, > that is because of the risk of a failing RNG.
Have a look at the graphs on page 7 of this PDF: https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_svenda.pdf tl;dr: Some smart cards have *shockingly* poor RNG implementations. A
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
