On Fri, 2009-09-11 Christoph Anton Mitterer wrote:
 . . .
sell bad devices that produce poor entropy thus rendering
our (symmetric and asymmetric) keys, signatures etc. "useless".
 . . .

Just out of curiousity, about how "poor" entropy might make it easy to break encryption: Is it necessary for an attacker to know pre-attack that a specific targeted file has been
encrypted or etc using poor entropy?  Or is the weakness one
which can efficiently be exploited en mass, by attacking all
files in a batch of files and just being successful against
any of the files which happened to be encrypted using poor
entropy?


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to