On Sun, 2012-10-07 at 21:24 -0400, Theodore Ts'o wrote:
> I've looked at his message, I didn't see any justification for his
> concern/assertion.  So I can't really comment on it since he didn't
> give any reason for his belief.
I asked him again[0] to be sure and he replied that he has no reason to
believe it's possible to spoil it.

> We've made a lot of changes in how we gather entropy recently
>...
I see... I guess this was in 3.6 then? Because I made some tests with 3.5
and there (even on my desktop) available entropy is always rather
low... but with haveged it quickly falls and rises (that actually
puzzles me) between 4096 and ~1k

> We're not using SHA as a traditional cryptographic hash
>...
Of course :) Thanks for the good explanation of the operation though!

> So I'm not particularly worried at this point.  The other thing to
> note is that the possible alternatives to SHA-1 (i.e., SHA-2 and
> SHA-3) are actually slower, not faster.  So we would be giving up
> performance if we were to use them.
I rather meant some other fast algorithms, e.g. those from the SHA-3
competition, which seem to be faster than SHA-1.
I haven't measured this myself but just took:
http://arctic.org/~dean/crypto/sha-sse2-20041218.txt
http://skein-hash.info/sha3-engineering
Well, it's perhaps rather minor...

Thanks anyway for all your information :)

Cheers,
Chris.

[0]
http://lists.gnupg.org/pipermail/gnupg-users/2012-October/045551.html
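The two measurable claims in this exchange (hash throughput of SHA-1 versus its SHA-2/SHA-3 alternatives, and the available-entropy figure that rises and falls under haveged) can both be checked on the reader's own machine. The script below is an added example, not code from the thread or from the kernel; it uses Python's standard `hashlib` names and reads the real `/proc/sys/kernel/random/entropy_avail` interface, returning `None` where that file does not exist. The 1 MiB benchmark buffer is constructed at run time. Note that kernels from 5.17 onward no longer mix the pool with SHA-1 (BLAKE2s is used) and report `entropy_avail` differently, so the numbers on a current system will not match the 2012 discussion.

```python
import hashlib
import os
import time


def hash_throughput(algorithms, size=1 << 20, rounds=3):
    """Return {algorithm: MiB/s} by hashing one constructed buffer `rounds` times.

    `algorithms` are hashlib names ("sha1", "sha256", "sha3_256", ...).
    An unsupported name raises ValueError from hashlib.new before timing starts.
    """
    data = os.urandom(size)  # constructed input; contents do not matter for timing
    results = {}
    for name in algorithms:
        hashlib.new(name)  # fail early on an unknown algorithm name
        start = time.perf_counter()
        for _ in range(rounds):
            hashlib.new(name, data).digest()
        elapsed = time.perf_counter() - start
        mib_hashed = size * rounds / (1 << 20)
        results[name] = mib_hashed / elapsed if elapsed > 0 else float("inf")
    return results


def entropy_avail(path="/proc/sys/kernel/random/entropy_avail"):
    """Return the kernel's current entropy estimate, or None if unavailable."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def sample_entropy(samples=5, interval=0.2, path="/proc/sys/kernel/random/entropy_avail"):
    """Take `samples` readings `interval` seconds apart and return (min, max, readings).

    Returns None when the interface is not present (non-Linux, sandbox, etc.).
    """
    readings = []
    for i in range(samples):
        value = entropy_avail(path)
        if value is None:
            return None
        readings.append(value)
        if i < samples - 1:
            time.sleep(interval)
    return min(readings), max(readings), readings


if __name__ == "__main__":
    # Throughput in MiB/s; on most CPUs without SHA extensions SHA-1 is the fastest
    # of the three, which is the point Ted makes about SHA-2/SHA-3 being slower.
    for algo, rate in hash_throughput(["sha1", "sha256", "sha3_256"]).items():
        print(f"{algo:9s} {rate:8.1f} MiB/s")
    stats = sample_entropy()
    if stats is None:
        print("entropy_avail: not available on this system")
    else:
        lo, hi, series = stats
        print(f"entropy_avail: min={lo} max={hi} readings={series}")
```

Run it once with haveged stopped and once with it running to see the swing Chris describes; the throughput table is what to compare against the two linked benchmark pages rather than taking their figures on trust.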