As this topic crops up on the list frequently (and deservedly), here is a current reference by Nadia Heninger et. al. that discusses this problem in the context of generating SSH/SSL keys and certificates. This paper has a nicely strong experimental section that validates the analysis, quite in contrast to a lot of other work in the field. This was in a Blog article some time ago, but they now have a short and a long paper linked here: https://factorable.net/paper.html I can particularly recommend reading Sections 4.1, 4.2 and 5.1 of the long paper. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
