On Fri, 15 Aug 2014 13:10, andreas.schwier...@cardcontact.de said:

> So what is that assumption based on? If you are using a hardware device
> that is certified as Secure Signature Creation Device under the Common
> Criteria scheme, then the quality of the random number generation is an
> important criteria in the evaluation (see for example AIS31 under the

The evaluation demands that the generated random is reproducible so that the generator can be tested. The way the seed is set is not part of the evaluation (at least not for FIPS). BSI people who analyzed the Libgcrypt RNG once demanded that the quite complicated pool-based design should be replaced by X9.31 - they didn't care about the seed ("it should be unpredictable, but we can't evaluate this").

The design of the seed generators on the EAL 4 evaluated cards is almost always a trade secret and we don't know how and when it breaks. A PC is horribly bad at collecting good entropy but at least we have a lot of failsafe modes and thus you won't end up with a stuck RNG.

There is also the option to add an open hardware entropy source in addition to RDRAND/Padlock and the other ways of collecting data for the seed.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.