[Cryptography] Fast-key-erasure RNG and fork()ing

Yann Ylavic ylavic.dev at gmail.com
Thu Jun 28 19:01:34 EDT 2018

On Thu, Jun 28, 2018 at 1:31 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
>> Simple. Use an RNG that does not keep state in the application.
>> Use a hardware RNG

Well, it's not like it grows in the fields.

>> Use a kernel level RNG that does not provide bits until it has sufficient
>> entropy.

Which not any system provides right? Until recently, even Linux did
not (it seems that it's backported to earlier kernels now, but still).
As a portable lib maintainer, you sometimes have to do it yourself.
Not an exact science, though.


More information about the cryptography mailing list