Ahmed Hassan said the following on 03/01/2014 13:47: > There is a huge difference between asymmetric encryption and > cryptographically secure pseudo-random number generator. EC is secure, the > default random number generator on Linux is /dev/urandom. It does not use > the backdoored NSA PRNG. The algorythm behind /dev/urandom is not robust (http://eprint.iacr.org/2013/338.pdf) With headless and/or virtual servers the issue is even bigger because Linux could not be able to collect enough entropy to seed /dev/urandom Some entropy generator daemon such as timer_entropyd (http://www.vanheusden.com/te/), haveged (http://www.issihosts.com/haveged/) or randomsound (http://www.digital-scurf.org/software/randomsound) can be used to generate more entropy Ciao, luigi -- / +--[Luigi Rosa]-- \ I think that's how Chicago got started. A bunch of people in New York said "Gee, I'm enjoying the crime and the poverty, but it just isn't cold enough. Let's go west." --Richard Jeni _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos