[Ach] Fwd: Bug/Ba in OpenSSL
christian mock
cm at coretec.at
Mon Nov 25 18:24:41 CET 2013
On Mon, Nov 25, 2013 at 08:35:59AM +0100, Klaus Darilion wrote:
> Maybe it would be useful to add some words about random generators
> too. E.g. practical advice to get good random generators and lots
> of entropy if you need to generate lots of key material (e.g. tools
> like entropy tokens, haveged, ...)
From googling around a bit, I found that some people are less than
happy with haveged:
http://jakob.engbloms.se/archives/1374
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2011-02
They say adding (fake) entropy to the pool can't be bad since the
entropy shouldn't decrease, but the danger may be that you think you
have enough entropy while you haven't...
cm.
--
Christian Mock Wiedner Hauptstr. 15
Senior Security Engineer 1040 Wien
CoreTEC IT Security Solutions GmbH +43-1-5037273
FN 214709 z
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
CoreTEC: Web Application Audit - so that something like this doesn't happen!
http://heise.de/-1260559
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.