questions about RNGs and FIPS 140

Peter Gutmann pgut001 at
Sat Aug 28 02:39:42 EDT 2010

John Denker <jsd at> writes:

>There exist lots of small and/or embedded and/or virtual Linux systems that
>have no useful sources of entropy.

Interesting that you should mention this, I was having a debate earlier today 
on the use of DLP/ECDLP-based cryptosystems vs. RSA in embedded devices.  My 
argument was that DLP, and particularly ECDLP, looked good on paper but in 
practice were quite dangerous because the lack of entropy on the very limited 
systems that they're being pushed for makes it risky to use them there.  So 
far of the three ECDLP-using embedded devices I've been able to look at in 
detail, all three failed to use proper entropy where required and one 
definitely and the other two probably didn't check the key parameters as 
required either.

(Cue debate on ECC vs. RSA :-).


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list