0.9.1

Werner Koch wk at isil.d.shuttle.de
Wed Jan 13 10:44:52 CET 1999


Thomas Roessler <roessler at guug.de> writes:

> Other things I've seen to get randomness include:
> 
> - Hashing the system log files.
> - Hashing the output of "ls -lu" [that's atime] for a couple of
>   often-used system direcotries, like /bin, /usr/bin, /lib,
>   /usr/lib, /etc, and the like.
> - Hashing the contents of your mail folders
> - Hashing the output of ps axwm
> - Hashing the output of netstat

But hashing is not what we need for the GnuPG RNG as this is done
internally in the random number generator.  A simple form of
compression is good enough before putting it as entropy into the
gnupg RNG.  Even adding non random data to the internal RNG does
not do any harm.

I suggest to read the paper about Practically Strong Random Number;
I found out that it is still available at Peter Gutmann's homepage:

   http://www.cs.auckland.ac.nz/~pgut001


  Werner





More information about the Gnupg-devel mailing list