[Cryptography] cheap sources of entropy

Bill Stewart bill.stewart at pobox.com
Mon Feb 3 01:22:24 EST 2014


At 02:54 PM 2/2/2014, James A. Donald wrote:
>We only need 128 bits of entropy, every now and then.  We are not 
>going to be cpu bound all the time, and we are certainly not going 
>to be cpu bound when the system is first turned on.

I'm not too worried about the "every now and then" case.  It's an 
issue, but it's one that gives you time to watch lots of fairly 
random stuff before you need a result.  Even CPU randomness is probably enough.

I'm mainly worried about the "new virtual machine, cloned from a 
standard image" case, which needs to set up ssh keys, ssl keys, and 
seed /dev/random before it's ready to deal with the rest of the world 
in ways that would give it some more entropy to work with.



