[Cryptography] Fast-key-erasure RNG and fork()ing

james hughes hughejp at me.com
Tue Jun 26 22:40:44 EDT 2018

> On Jun 24, 2018, at 4:11 PM, Yann Ylavic <ylavic.dev at gmail.com> wrote:
> I wonder how I'd best handle fork()ed processes, given that with the
> above design the forked key is the one that should produce the next
> keystream, and obviously the parent and child processes must not use
> the same one.

Simple. Use an RNG that does not keep state in the application. 

Use a hardware RNG
Use a kernel level RNG that does not provide bits until it has sufficient entropy.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180626/9711f926/attachment.html>

More information about the cryptography mailing list