Uses too much entropy (Debian Bug #343085)
Marc Haber
mh+gnutls-devel at zugschlus.de
Fri Jan 4 21:18:36 CET 2008
On Fri, Jan 04, 2008 at 08:40:44PM +0100, Simon Josefsson wrote:
> Interesting, 235/8=29.375 bytes. The minimum randomness needed per TLS
> session would be 28 bytes for client hello random_bytes plus 46 bytes
> for the PreMasterSecret (if RSA is used for key exchange). If openssl
> is using /dev/urandom, I think it is overly optimistic about the quality
> of that data.
I suspect that it only uses data from /dev/u?random to seed its own
PRNG.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
More information about the Gcrypt-devel
mailing list