[Ach] Fwd: Bug/Ba in OpenSSL

christian mock cm at coretec.at
Mon Nov 25 18:24:41 CET 2013

On Mon, Nov 25, 2013 at 08:35:59AM +0100, Klaus Darilion wrote:

> Maybe it would be useful to add some words about random generators
> too. E.g. practical advices to get good random generators and lots
> of entropy if you need to generate lots of key materials (e.g. tools
> like entropy tokens, haveged, ...)

>From googling around a bit, I found that some people are less than
happy with haveged:



They say adding (fake) entropy to the pool can't be bad since the
entropy shouldn't decrease, but the danger may be that you think you
have enough entropy while you haven't...


Christian Mock                          Wiedner Hauptstr. 15
Senior Security Engineer                1040 Wien
CoreTEC IT Security Solutions GmbH      +43-1-5037273
FN 214709 z

CoreTEC: Web Application Audit - Damit so etwas nicht passiert!



More information about the Ach mailing list