[Cryptography] [RNG] on RNGs, VM state, rollback, etc.
Christoph Anton Mitterer
calestyo at scientia.net
Fri Oct 18 19:27:37 EDT 2013
On Fri, 2013-10-18 at 18:08 -0500, Nico Williams wrote:
> The problem is that many apps expect /dev/urandom never to block.
Sure... but a) AFAIU nobody's talking that urandom should block ever
once it has been correctly seeded, right? and b) even if that was
necessary for security than that simply wins. If an program cannot live
with a blocking device than it's buggy.
> This
> is a severe problem if such an app is invoked early in boot and blocks
> the rest of the bootup procedure.
And? A thousand times better than revealing all your secrets by using
bad entroy.
Cheers,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5165 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131019/7d038a11/attachment.bin>
More information about the cryptography
mailing list