Integrated crypto

keithmo k-e-i-t-h-m-o at e-x-m-s-f-t.com
Sun Mar 28 16:55:22 PST 2004


"Dagmar d'Surreal" <dagmar.wants at nospam.com> wrote in message
news:1080516982.1754.1.camel at lanshark.kung.foo...
>
> There are some people who have very nasty things to say about using
this
> kind of source as a seed for entropy.  Basically the argument goes
that
> someone able to generate a lot of RF in your area can effectively
> control your entropy pool and drastically reduce the strength of the
> generated keys.
> -- 

In the message on Security Focus
(http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-12/00
82.html), the person that ported the code to Linux states "...suitable
for most anything except actually generating cryptographic keys". It
probably makes an OK source for the entropy pool, but clearly it should
not be the only source.


KM





More information about the hlfs-dev mailing list