[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] Speed of random data generation
|
From: |
Werner Koch |
|
Subject: |
Re: [gnutls-dev] Speed of random data generation |
|
Date: |
Thu, 14 Jun 2007 18:36:51 +0200 |
|
User-agent: |
Gnus/5.110007 (No Gnus v0.7) |
On Wed, 13 Jun 2007 19:45, address@hidden said:
> OpenSSL also simply seems pulls less bytes from the device for doing
> the same thing. "certtool --generate-dh-params --bits 1024" almost
> completely depletes the entropy pool, (down from 3596 to 143 bytes[1]
> according to /proc/sys/kernel/random/entropy_avail, while the
That is indeed a lot. gnutls uses libgcrypt and luibcgrypt rquires that
its internal random pool gets filled with enough high quality random;
i.e. 600 bytes. That should be sufficient for creating a secret prime
but it depends on how it is implemented.
Salam-Shalom,
Werner
Re: [gnutls-dev] Speed of random data generation,
Werner Koch <=