Current-Users archive


Re: gpg can't get random/entropy



On Tue, May 15, 2012 at 06:10:33PM +0300, Jukka Ruohonen wrote:
> On Tue, May 15, 2012 at 10:49:56AM -0400, Thor Lancelot Simon wrote:
> > Yes -- you don't want to get into the situation in which the only, or
> > almost the only, source of entropy is visible to the attacker.  It makes
> > iterative guessing attacks easier.
> 
> I noticed that acpitz(4) now collects entropy too. Are there any general
> guidelines about which sensor-like drivers are suitable for this task and/or
> should more of these be refactored to support rnd(9)?

It should be done in the envsys code, but the envsys code is, quite frankly,
insane, and I haven't got the stomach for it.

I did it to a few drivers that were fairly easy.  Any temperature, voltage,
or fan sensor is a good choice, and the timing of changes in gross power
state (plugged/unplugged, etc.) can also be useful though those do not
happen very often.

Thor

