On Fri, 2009-09-11 Christoph Anton Mitterer wrote: . . .
sell bad devices that produce poor entropy thus rendering our (symmetric and asymmetric) keys, signatures etc. "useless".
. . .
Just out of curiousity, about how "poor" entropy might make it easy to break encryption: Is it necessary for an attacker to know pre-attack that a specific targeted file has been
encrypted or etc using poor entropy? Or is the weakness one which can efficiently be exploited en mass, by attacking all files in a batch of files and just being successful against any of the files which happened to be encrypted using poor entropy? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
