Re: gnome-keyring Generating RSA keys from /dev/urandom



On 2010-12-09 10:28, Nikos Mavrogiannopoulos wrote:
> /dev/random is pretty useless for cryptographic (any) applications,
> unless there is an open time limit (i.e. wait 10 minutes until there is
> entropy enough to start a TLS session). Usually users (like me) don't
> want to do that, thus /dev/urandom comes to play. There are no known
> weaknesses so far as long as there was gathered randomness at some point.
> 
> A description and study of it can be seen at
> http://www.pinkas.net/PAPERS/gpr06.pdf
> 
> There are other (maybe better) alternatives to /dev/random algorithm
> that do not require blocking, but in linux that's all we have.

Interesting. Good to know.

I agree that using /dev/random is basically completely unusable.
I'll disable the /dev/random usage in libgcrypt and use /dev/urandom
instead.

The way to use /dev/urandom in libgcrypt is like so:

gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);

The only risk is that libgcrypt gives us very few guarantees about
what it's doing, and whether the behavior of that setting will change in
the future.

But I think this is acceptable, and will post some code for PKCS#11 key
generation soon.

Cheers,

Stef
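Added example (not gnome-keyring's or libgcrypt's code, and not part of the thread): the discussion above treats /dev/urandom as acceptable provided the kernel pool was seeded at some point, and the one-line gcry_control call hides the details of how the device is read. The C block below shows what a direct consumer has to get right when it reads /dev/urandom itself: retry on EINTR, never accept a short read as a full buffer, treat EOF as an error, and expose the kernel's entropy estimate (the Linux-specific /proc/sys/kernel/random/entropy_avail file, returning -1 where it is absent) so a caller can log a warning if the pool looks unseeded. The function names urandom_fill, urandom_entropy_estimate and urandom_self_check are my own, not library APIs.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Fill buf[0..len) from /dev/urandom.
 * Retries on EINTR and on short reads and refuses to return a partially
 * filled buffer. Returns 0 on success, -1 on error with errno set. */
int urandom_fill(unsigned char *buf, size_t len)
{
    int fd;
    size_t got = 0;

    do {
        fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    } while (fd < 0 && errno == EINTR);
    if (fd < 0)
        return -1;

    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0) {
            if (errno == EINTR)
                continue;           /* interrupted by a signal: retry */
            int saved = errno;
            close(fd);
            errno = saved;
            return -1;
        }
        if (n == 0) {               /* the device must never report EOF */
            close(fd);
            errno = EIO;
            return -1;
        }
        got += (size_t)n;           /* short read: keep going */
    }
    close(fd);
    return 0;
}

/* Kernel entropy estimate for the input pool (Linux-specific /proc file).
 * Returns the reported value, or -1 if the file cannot be read. */
long urandom_entropy_estimate(void)
{
    FILE *f = fopen("/proc/sys/kernel/random/entropy_avail", "r");
    long v = -1;
    if (!f)
        return -1;
    if (fscanf(f, "%ld", &v) != 1)
        v = -1;
    fclose(f);
    return v;
}

/* Cheap sanity check on the source: two independent 32-byte draws must
 * differ and neither may be all zero. Returns 1 if OK, 0 if the output
 * looks broken, -1 if reading failed. */
int urandom_self_check(void)
{
    unsigned char a[32], b[32], zero[32];
    memset(zero, 0, sizeof zero);
    if (urandom_fill(a, sizeof a) != 0 || urandom_fill(b, sizeof b) != 0)
        return -1;
    if (memcmp(a, b, sizeof a) == 0)
        return 0;
    if (memcmp(a, zero, sizeof a) == 0 || memcmp(b, zero, sizeof b) == 0)
        return 0;
    return 1;
}

int main(void)
{
    unsigned char key[16];   /* e.g. material for a symmetric key */
    if (urandom_fill(key, sizeof key) != 0) {
        perror("urandom_fill");
        return 1;
    }
    printf("entropy estimate: %ld\n", urandom_entropy_estimate());
    printf("self check: %d\n", urandom_self_check());
    return 0;
}
```

The self check only catches a grossly broken device (a stuck or zeroed output); it says nothing about the quality of the pool, which is exactly why the entropy estimate is exposed separately for the caller to log. On kernels without the /proc file the estimate is -1 and should be treated as "unknown", not as "fine".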

