1996-02-13 - Re: Using /dev/random for PGP key generation? Be Wary

Header Data

From: Deranged Mutant <wlkngowl@unix.asb.com>
To: cypherpunks@toad.com
Message Hash: f90bfa5fe57360a034a63b79d96db74dd7850e11b2d6001d4f86206df74d870b
Message ID: <199602130143.UAA23096@bb.hks.net>
Reply To: N/A
UTC Datetime: 1996-02-13 07:00:10 UTC
Raw Date: Tue, 13 Feb 1996 15:00:10 +0800

Raw message

From: Deranged Mutant <wlkngowl@unix.asb.com>
Date: Tue, 13 Feb 1996 15:00:10 +0800
To: cypherpunks@toad.com
Subject: Re: Using /dev/random for PGP key generation? Be Wary
Message-ID: <199602130143.UAA23096@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

rngaugp@alpha.c2.org wrote in the c'punks list:
> Subject: Using /dev/random for PGP key generation? Be Wary
> 
> I have created a modified version of pgpi for use with a hardware random
> number generators. Recently, there has been some confusion because
> people have assumed that I wished people to use this version with
> NOISE.SYS or an RNG that gathers entropy from timing events called
> /dev/random.

My concern, since there is a DOS version available according to your 
announcement (and this applies to OS/2 and Linux compilations as well) is 
that your version assumes /dev/random produces a continuous stream rather 
than bursts of data limited to how much entropy is gathered.  A poor 
implementation even with a good driver is disasterous.

[..]
> Be assured that I originally planed the modification to be used with a
> real hardware RNG. I tested it with the CALNET/NEWBRIGE RNG under DOS
> and OS/2. The "RNGDRIVER" feature I tested with OS/2 and the driver in
> RNG810.ZIP available at ftp.cdrom.com.

Hmmm... I'll have to check that out.

[..]

> I am unsure about using my modification, together with these drivers
> that are not connected to a real hardware RNG. In what way would the use
> of these drivers' methods of gathering entropy be superior to PGP's
> method of getting entropy from keyboard timing? If you choose to do
> something like this, you should think carefully and make a careful study
> of the code.

I'm curious as to what method you tyest the hardware RNG's entropy?

[..]

> made to work. But careful thought an careful design should be done
> first.

Yep.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMR/s2yoZzwIn1bdtAQEdeAF/XFFki97J+phJv76eMZXcMyHt1ChjN3FD
PsMvsq03g/QHYfAMhb25qoSp5H6F5HFZ
=2l/3
-----END PGP SIGNATURE-----





Thread