[Pkg-gnutls-maint] Bug#489523: pidgin-otr: key generation uses too much entropy from /dev/random

Simon Josefsson simon at josefsson.org
Wed Jul 9 14:08:11 UTC 2008


I'm not a pidgin-otr user (yet), but some random comments:

What kind of key is generated here?  If it is a long-term private key
(RSA etc) then using /dev/random is likely the right thing.

Generally, I agree that it would be useful to speed up the randomness
process.

Btw, consider doing something like:

gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);

Then it will read from /dev/urandom even for public-key generation.  Of
course, you are probably on your own wrt security of these keys, and
you'll need to look into the libgcrypt code to understand exactly what
this does.

/Simon
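
Added example, not part of the original message and not libgcrypt code: a small probe for the difference the message relies on, reporting how many bytes /dev/random and /dev/urandom each hand over before a blocking read would stall. The name probe_random and the 256-byte request size are assumptions chosen for illustration.

```c
/* Added example: probe how many bytes each kernel random device hands
 * over without blocking. Helper name and sizes are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Read up to `want` bytes from `path` in non-blocking mode.
 * Returns the number of bytes obtained before the device would block,
 * or -1 if the device cannot be opened or a read fails outright. */
long probe_random(const char *path, unsigned char *buf, size_t want)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;

    size_t got = 0;
    while (got < want) {
        ssize_t n = read(fd, buf + got, want - got);
        if (n > 0) {
            got += (size_t)n;
        } else if (n < 0 && errno == EINTR) {
            continue;           /* interrupted by a signal, retry */
        } else if (n < 0 && errno == EAGAIN) {
            break;              /* a blocking read would stall at this point */
        } else {
            close(fd);
            return -1;          /* unexpected error or end of file */
        }
    }
    close(fd);
    return (long)got;
}

int main(void)
{
    unsigned char buf[256];     /* constructed request size, not libgcrypt's */
    long r = probe_random("/dev/random", buf, sizeof buf);
    long u = probe_random("/dev/urandom", buf, sizeof buf);
    printf("/dev/random : %ld of %zu bytes without blocking\n", r, sizeof buf);
    printf("/dev/urandom: %ld of %zu bytes without blocking\n", u, sizeof buf);
    return (r < 0 || u < 0);
}
```

On Linux kernels since 5.6, /dev/random only blocks until the pool has been initialized once, so both lines normally report the full request there; on older kernels the /dev/random count can come back short.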




