[CentOS] Elliptic curve on Centos 6.x
Luigi Rosa
lists at luigirosa.com
Fri Jan 3 13:06:35 UTC 2014
Ahmed Hassan said the following on 03/01/2014 13:47:
> There is a huge difference between asymmetric encryption and
> cryptographically secure pseudo-random number generator. EC is secure, the
> default random number generator on Linux is /dev/urandom. It does not use
> the backdoored NSA PRNG.
The algorythm behind /dev/urandom is not robust
(http://eprint.iacr.org/2013/338.pdf)
With headless and/or virtual servers the issue is even bigger because Linux
could not be able to collect enough entropy to seed /dev/urandom
Some entropy generator daemon such as timer_entropyd
(http://www.vanheusden.com/te/), haveged (http://www.issihosts.com/haveged/)
or randomsound (http://www.digital-scurf.org/software/randomsound) can be used
to generate more entropy
Ciao,
luigi
--
/
+--[Luigi Rosa]--
\
I think that's how Chicago got started. A bunch of people in New York
said "Gee, I'm enjoying the crime and the poverty, but it just isn't
cold enough. Let's go west."
--Richard Jeni
More information about the CentOS
mailing list