[OTR-dev] Re: [Pkg-gnutls-maint] Bug#489523: pidgin-otr: key generation uses too much entropy from /dev/random
Paul Wouters
paul at cypherpunks.ca
Thu Jul 10 18:28:43 EDT 2008
On Thu, 10 Jul 2008, Ian Goldberg wrote:
> The problem is that people run key generation with libgcrypt on machines
> that gather very little entropy into /dev/random, and key generation can
> literally take over an hour.
On a desktop with IM client? They don't use disk or network IO, both of
which gather entropy (on linux)?
Which systems do people use that are so entropyless, and can we only
use /dev/urandom on those?
> I'm happy to use /dev/urandom instead,
> since the output of a PRNG that only gets, say, 200 bits of entropy,
> had better be indistinguishable from a truly random source.
I am not sure I understand this sentence with respect to random vs urandom.
Paul
More information about the OTR-dev
mailing list