Re: Elliptic curve on Centos 6.x

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Ahmed Hassan said the following on 03/01/2014 13:47:

> There is a huge difference between asymmetric encryption and 
> cryptographically secure pseudo-random number generator. EC is secure, the
>  default random number generator on Linux is /dev/urandom. It does not use
>  the backdoored NSA PRNG.

The algorythm behind /dev/urandom is not robust
(http://eprint.iacr.org/2013/338.pdf)

With headless and/or virtual servers the issue is even bigger because Linux
could not be able to collect enough entropy to seed /dev/urandom

Some entropy generator daemon such as timer_entropyd
(http://www.vanheusden.com/te/), haveged (http://www.issihosts.com/haveged/)
or randomsound (http://www.digital-scurf.org/software/randomsound) can be used
to generate more entropy



Ciao,
luigi

-- 
/
+--[Luigi Rosa]--
\

I think that's how Chicago got started. A bunch of people in New York
said "Gee, I'm enjoying the crime and the poverty, but it just isn't
cold enough. Let's go west."
       --Richard Jeni
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux