[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] Why delay generating second and other keys?
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
Re: [Help-gnutls] Why delay generating second and other keys? |
|
Date: |
Wed, 26 Oct 2005 23:15:32 +0200 |
|
User-agent: |
KMail/1.8.2 |
On Wednesday 26 October 2005 22:51, Fran wrote:
> > I suppose you talk about certtool. This is a good thing. The first key
> > depletes entropy from /dev/random. The second key the same. The system
> > needs some time to gather entropy.
> I see /dev/random code an seems that extract data from mouse, keyboard,
> interrupts, etc.
> If mouse and keyboard do not affect to the PC, the random number is
> gathered very slow (very slow).
> This is a problem of enclosure (deterministic system, low precision),
> and only should be solved with special device (hardware) with precision
> that see the caos of real world (more liberty degree).
> Nothing to be done.
If you generate the keys in one process then the libgcrypt random generator
will optimize things a bit, since less reads from /dev/random will be
required.
> Another question:
> Libcrypt use exit() in functions.
This looks like a bug in libgcrypt.
I will forward this to the libgcrypt list.
--
Nikos Mavrogiannopoulos