On 13.08.2011 10:09, Kyle Hamilton wrote:
> See also http://egd.sourceforge.net/ (Entropy Gathering Daemon, written
> in Perl)

EGD is meant for systems where /dev/random is not
present/accessible.

Assuming /dev/random takes entropy from all sources
affecting the scheduling of processes, such userspace solutions
simply can't return more entropy, and using them only generates
a false sense of added security (by obscurity).

Trust your /dev/random and, if there are possible attacks on it,
thwart them directly. If you think there is an entropy source
that /dev/random does not use, implement it and submit a patch
to your kernel maintainer. If this is not enough, use a hardware
source of randomness.

Regards
--
Stano
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]