Re: Uses too much entropy (Debian Bug #343085)

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Uses too much entropy (Debian Bug #343085)

From:	Marc Haber
Subject:	Re: Uses too much entropy (Debian Bug #343085)
Date:	Fri, 4 Jan 2008 21:18:36 +0100
User-agent:	Mutt/1.5.13 (2006-08-11)

On Fri, Jan 04, 2008 at 08:40:44PM +0100, Simon Josefsson wrote:
> Interesting, 235/8=29.375 bytes.  The minimum randomness needed per TLS
> session would be 28 bytes for client hello random_bytes plus 46 bytes
> for the PreMasterSecret (if RSA is used for key exchange).  If openssl
> is using /dev/urandom, I think it is overly optimistic about the quality
> of that data.

I suspect that it only uses data from /dev/u?random to seed its own
PRNG.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Uses too much entropy (Debian Bug #343085), (continued)

Prev by Date: Re: Interoperability issue with The Bat (Debian Bug #316522)
Next by Date: Re: On dropping -D_REENTRANT -D_THREAD_SAFE
Previous by thread: Re: Uses too much entropy (Debian Bug #343085)
Next by thread: Re: Uses too much entropy (Debian Bug #343085)
Index(es):
- Date
- Thread