RE: /dev/random in 2.4.6

From: cfs+linux-kernel@cowlabs.com
Date: Tue Aug 21 2001 - 12:06:24 EST


> -----Original Message-----
> From: linux-kernel-owner@vger.kernel.org
> [mailto:linux-kernel-owner@vger.kernel.org] On Behalf Of Marco Colombo
> Sent: Tuesday, 21 August 2001 03:46
> To: Alex Bligh - linux-kernel
> Cc: David Wagner; linux-kernel@vger.kernel.org
> Subject: Re: /dev/random in 2.4.6
>
> A little question: I used to believe that crypto software
> requires strong random source to generate key pairs, but this
> requirement in not true for session keys. You don't usually
> generate a key pair on a remote system, of course, so that's
> not a big issue. On low-entropy systems (headless servers) is
> /dev/urandom strong enough to generate session keys? I guess
> the little entropy collected by the system is enough to feed
> the crypto secure PRNG for /dev/urandom, is it correct?

I dunno about you, but I want good random for session keys too! You can
still capture network traffic and decrypt at your leisure if you can
determine what the "random" number was used in making the session key.

cfs

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu Aug 23 2001 - 21:00:43 EST