[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] Re: Feature request: not really random session keys
From: |
Werner Koch |
Subject: |
Re: [gnutls-dev] Re: Feature request: not really random session keys |
Date: |
Tue, 31 Jan 2006 10:17:08 +0100 |
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/21.4 (gnu/linux) |
On Mon, 30 Jan 2006 17:44:41 +0100, Florian Weimer said:
> After a reboot, there is a lot of disk activity, and according to the
> current estimates, this creates a lot of entropy. So it's not a real
I have seen reports that this is really predictable and allows for
real world attacks.
>> It may be wise for systems to save the /dev/random pool on shutdown
>> and restore it on startup.
> Is this really a good idea? I mean, exposing the pool state like
> this?
All systems I know are doing just this (e.g. /etc/init.d/urandom).
This mitigates the problem described above.
Shalom-Salam,
Werner
Re: [gnutls-dev] Feature request: not really random session keys, Florian Weimer, 2006/01/30