On Wed, Mar 5, 2014, at 7:58, Bastian Blank wrote: > On Wed, Mar 05, 2014 at 06:54:53AM +0000, Ondřej Surý wrote: > > > Also ECDSA shares with DSA the serious disadvantage over RSA that making > > > signatures on a system with a broken RNG can reveal the key. > > Care to share a source? I thought that RSA would be vulnerable to poor RNG > > as well. > > The algorithm. DSA and ECDSA need randomness in the signature process, > see Wikipedia. > > RSA only takes randomness during key generation.
I see, for the reference RFC6979 provides more information (and remedy for the problem). Thanks for the hint, I have googled for "ECDSA broken RNG" that didn't reveal the correct source. O. -- Ondřej Surý <ond...@sury.org> Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1394004176.29929.90741897.31dee...@webmail.messagingengine.com
