[gnutls-devel] gnutls_rnd_level_t clarification
Max
msuraev at sysmocom.de
Fri Jan 6 12:05:31 CET 2017
Hi.
Could you help me to clarify the meaning of gnutls_rnd_level_t? There's
a brief description available over at
https://www.gnu.org/software/gnutls/reference/gnutls-crypto.html#gnutls-rnd-level-t
but as it's a sensitive topic (misunderstanding might have detrimental
consequences for security) I'd rather double-check that my understanding
is correct.
GNUTLS_RND_KEY is the "best quality random" from a cryptography point of
view, while GNUTLS_RND_NONCE is the worst.
Am I correct in this? Are there any downsides to always using
GNUTLS_RND_KEY aside from the risk of depleting the OS entropy pool (which
would be reported by gnutls_rnd() anyway)?
--
Max Suraev <msuraev at sysmocom.de> http://www.sysmocom.de/
=======================================================================
* sysmocom - systems for mobile communications GmbH
* Alt-Moabit 93
* 10559 Berlin, Germany
* Sitz / Registered office: Berlin, HRB 134158 B
* Geschaeftsfuehrer / Managing Director: Harald Welte