[Cryptography] Fast-key-erasure RNG and fork()ing
Yann Ylavic
ylavic.dev at gmail.com
Thu Jun 28 19:01:34 EDT 2018
On Thu, Jun 28, 2018 at 1:31 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
>>
>> Simple. Use an RNG that does not keep state in the application.
>>
>> Use a hardware RNG
Well, it's not like it grows in the fields.
>> Use a kernel level RNG that does not provide bits until it has sufficient
>> entropy.
Which not any system provides right? Until recently, even Linux did
not (it seems that it's backported to earlier kernels now, but still).
As a portable lib maintainer, you sometimes have to do it yourself.
Not an exact science, though.
Regards,
Yann.
More information about the cryptography
mailing list