[arch-general] haveged and Secure Cryptography

Gaetan Bisson bisson at archlinux.org
Fri Jul 20 01:25:02 EDT 2012


[2012-07-19 22:10:05 -0700] David Hunter:
> I'm sure that it's always going to
> be "random enough", but I often make use of Archlinux in forensic
> environments involving encrypted disks and files or transferring
> things over SSL, so I do need to know if there is even a theoretical
> weakness in my environment in case my tools and methodologies are
> called into question.

There are no known weaknesses as far as I know, but you can always
question the hypothesis that runtime measurements bear a significant
amount of entropy. Now if you are that paranoid you might also want to
avoid kernel-gathered entropy and just get yourself a physical entropy
generating device.

-- 
Gaetan


More information about the arch-general mailing list