From: Kent Borg [mailto:kentb...@borg.org]
Logically, if the crypto is good, entropy accounting should not matter,
That's not true. Take for example, Fortuna. Bruce Schneier says (I paraphrase
because I don't have the book in front of me right now) The way we eliminate
problems with
On 09/08/2014 08:26 PM, Edward Ned Harvey (blu) wrote:
The problem with bad entropy sources would be overestimating their
entropy.
Entropy calculation is doomed unless one can define and control larger
system boundaries--not just software but complete hardware with physical
protections
I am not wedded to the xor decision, and I would not have dreamed it up.
But looking at NSA's backdoor as an engineering problem, that xoring
looks like a really hard thing for them to break. The secret silicon
would have to be field upgradable to match specific kernel versions.
There have
Correction: it is Ted Ts'o. Not T'so as I had written.
Sorry,
-kb
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
From: Kent Borg [mailto:kentb...@borg.org]
I am not wedded to the xor decision, and I would not have dreamed it up.
But looking at NSA's backdoor as an engineering problem, that xoring
looks like a really hard thing for them to break. The secret silicon
would have to be field upgradable to
Does GPG use /dev/random? I think so...
On my current Linux installation, Debian 7, my pool size is 4096-bits,
and my last couple Ubuntus were I think the same. That is a lot.
A public key of 4096-bits is like a much shorter symmetric key
(~200-bits?), so unless you are generating a bunch of
From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-
bounces+blu=nedharvey@blu.org] On Behalf Of Bill Horne
Is there any way to speed the process? Short of putting up an antenna
and counting bits of static, how can I accumulate random bits more
quickly that by typing or
From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-
bounces+blu=nedharvey@blu.org] On Behalf Of Bill Horne
With the key signing coming up, I set out to generate a brand new, 4096-bit
RSA key.
However, GPG says I need more entropy,
BTW, how are you generating your key?
On Sun, Sep 7, 2014 at 8:52 AM, Kent Borg kentb...@borg.org wrote:
A public key of 4096-bits is like a much shorter symmetric key (~200-bits?),
so unless you are generating a bunch of keys, you shouldn't have any
problem.
An RSA key of size 4096 bits has *security* equivalent somewhere
On 09/07/2014 12:38 PM, Bill Ricker wrote:
An RSA key of size 4096 bits has *security* equivalent somewhere
between 128 and 200 bits (which sometimes gets rounded down to 128
since 256 bits), but that is *not* a measure of how much entropy its
generation will consume. Generating two 2kbit
On 09/07/2014 10:25 AM, Edward Ned Harvey (blu) wrote:
Also, shutdown into BIOS, and make sure your TPM is enabled. Even if
you use it for nothing, it is a hardware entropy source that the
kernel can source from.
As I said, urandom driver details change, but last I looked the Intel
RNG is
On Sun, Sep 7, 2014 at 2:01 PM, Kent Borg kentb...@borg.org wrote:
Generating two 2kbit primes will consume a *lot* of entropy from
/dev/random, because each random candidate-prime must be tested by hundreds
of random 'witness' numbers (potentially upto 1kbit in size).
Oops.
Yup. Generating
From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-
bounces+blu=nedharvey@blu.org] On Behalf Of Kent Borg
As I said, urandom driver details change, but last I looked the Intel
RNG is only Xor-ed into the urandom driver's output. It can't hurt--even
if the NSA knows every
... other than by asking a question that some will think should be researched
on-line? ;-)
With the key signing coming up, I set out to generate a brand new, 4096-bit
RSA key.
However, GPG says I need more entropy, and suggests I do other things on the
system to get it. Google wasn't
On 9/6/2014 4:17 PM, Bill Ricker wrote:
On Sat, Sep 6, 2014 at 4:00 PM, Bill Horneb...@horne.net wrote:
2. Does doing other things on the system contribute to the entropy pool? In
other words, does Linux acquire randomness by monitoring the time between
keystrokes or mouse movements or similar
On Sat, Sep 06, 2014 at 05:50:13PM -0400, Bill Horne wrote:
On 9/6/2014 4:17 PM, Bill Ricker wrote:
On Sat, Sep 6, 2014 at 4:00 PM, Bill Horneb...@horne.net wrote:
2. Does doing other things on the system contribute to the entropy pool?
In
other words, does Linux acquire randomness by
Bill Horne wrote:
However, GPG says I need more entropy...
I'd expect that to appear if it has only been a short while (a few
hours) since the system booted up. Out of curiosity, how long had it
been since you booted?
I'd recommend doing nothing special, other than using the system
normally,
17 matches
Mail list logo