[GTALUG] Crypto Question: Where do you get your entropy
D. Hugh Redelmeier
hugh at mimosa.com
Fri Nov 14 07:19:15 UTC 2014
| From: William Muriithi <william.muriithi at gmail.com>
[Your MUA seems to muck up linebreaks in quoting. It also converted
some of what I typed to non-ASCII. I've tried to fix that.]
| >Adversaries can easily break your cryptosystem if
| >you don't have sufficient entropy. It's that bad.
|
| >What sources do you use? /dev/random and
| >/dev/urandom are the Linux
| >channel for entropy. There are various sources
| >that can be pooled by the kernel:
|
|
| /dev/urandom does not generate entropy I think. It depends on
| /dev/random. The former just stretches the latter's entropy.

Neither generates entropy. That's why I described them as channels. I
tried to be fairly careful in what I said.

You are right that /dev/random only yields as many bytes as the
kernel estimates there are bytes of entropy in the pool and that
/dev/urandom will give as many bytes as you ask for, even if the
entropy estimate says that there is none remaining.

Entropy is a tricky topic. Maybe this talk next Monday will be
enlightening:
<http://www.fields.utoronto.ca/programs/scientific/fieldsmedalsym/14-15/Images/fms_po_final.pdf>
I'm thinking of going.

| The problem is more acute with servers though unfortunately as most run
| on virtualized environments these days and since there is no console, they
| give little entropy during start up.
Good point: virtual servers are even worse off than real servers.
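
An added example, not part of the original post: a small Python check that reads the kernel's entropy estimate and asks each device for the same number of bytes without blocking, so the difference between the two channels can be observed on a given host. It assumes Linux with the standard `/proc/sys/kernel/random/entropy_avail` file; the function names are made up for this illustration.

```python
import os

# Kernel's current entropy estimate, in bits (standard Linux procfs path).
ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"


def entropy_estimate_bits(path=ENTROPY_AVAIL):
    """Return the kernel's entropy estimate in bits, or None if unreadable."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def nonblocking_read(device, want):
    """Ask `device` for `want` bytes with O_NONBLOCK set.

    Returns how many bytes were delivered. 0 means the read would have
    blocked, i.e. the kernel refused to hand out bytes at that moment.
    """
    fd = os.open(device, os.O_RDONLY | os.O_NONBLOCK)
    try:
        try:
            return len(os.read(fd, want))
        except BlockingIOError:  # EAGAIN: nothing available without waiting
            return 0
    finally:
        os.close(fd)


def compare(want=64):
    """Collect the estimate and what each channel delivered for one request."""
    return {
        "estimate_bits": entropy_estimate_bits(),
        "/dev/random": nonblocking_read("/dev/random", want),
        "/dev/urandom": nonblocking_read("/dev/urandom", want),
    }


if __name__ == "__main__":
    # On kernels of the era discussed above, /dev/random can deliver fewer
    # bytes than requested (or none) when the estimate is low. Since Linux
    # 5.6 it only blocks until the pool has been initialized once.
    for name, value in compare().items():
        print(f"{name:>14}: {value}")
```

Running it early in boot on a freshly started virtual machine is the case where a short or empty `/dev/random` result is most likely.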