[Cryptography] [RNG] on RNGs, VM state, rollback, etc.

James A. Donald jamesd at echeque.com
Sat Oct 19 16:25:56 EDT 2013


On 2013-10-20 00:33, Theodore Ts'o wrote:
> As I've already said, I'm open to adding code that blocks /dev/urandom
> until "enough" entropy has been collected.  But that's an
> interface-visible change, and it could break things.

It will break things that should be broken, causing them to fail 
visibly, when previously they failed invisibly.

More aggressive entropy collection is not really a solution, since the 
total amount of entropy required is very small, and usually the supply 
of entropy is very large, and yet, cannot be treated as infinite.

Since it cannot be treated as infinite, the solution is to not treat it as 
infinite.

