On Tue, May 12, 2020 at 04:59:52PM +0300, Andreas Gustafsson wrote:
> I don't particularly care if we require 100 or 384 bits of estimated
> entropy, nor do I particularly care if the entropy estimate of a
> keystroke timestamp is 0 or 1 bit. But I do very much care that if I
> accidentally try to generate an ssh key on a system that has no
> entropy at all, it must not succeed.

Once more and alone and maybe it will sink in: There is no reasonable way to estimate system entropy. Please think what that statement means. Consider for fun emulating a 20 year old computer with a deterministic high precision model keeping all storage in memory. There is no source of entropy in such a system and no way for the emulation to tell.

Joerg
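
An added illustration of the point made in the reply above (not part of the original message and not NetBSD code): sample-based estimators score a fully deterministic stream the same as `os.urandom` output. The SHA-256 counter stream, the constructed seed, and all function names are assumptions standing in for the deterministic emulator.

```python
import hashlib
import math
import os
from collections import Counter


def emulated_timestamps(seed: bytes, n: int) -> bytes:
    """Low byte of n 'event timestamps' from a fully deterministic model.

    Hypothetical stand-in for the deterministic emulator: every value is a
    pure function of `seed`, so anyone who knows the model knows them all.
    """
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def shannon_bits_per_byte(samples: bytes) -> float:
    """Empirical Shannon entropy of the byte histogram."""
    total = len(samples)
    return -sum(c / total * math.log2(c / total)
                for c in Counter(samples).values())


def min_entropy_bits_per_byte(samples: bytes) -> float:
    """Most-common-value min-entropy estimate: -log2(max frequency)."""
    return -math.log2(max(Counter(samples).values()) / len(samples))


def compare(n: int = 1 << 16) -> dict:
    """Score a deterministic stream and OS randomness with the same estimators."""
    det = emulated_timestamps(b"constructed-seed", n)     # constructed input
    replay = emulated_timestamps(b"constructed-seed", n)  # second "boot"
    real = os.urandom(n)
    return {
        "deterministic_shannon": shannon_bits_per_byte(det),
        "urandom_shannon": shannon_bits_per_byte(real),
        "deterministic_min": min_entropy_bits_per_byte(det),
        "urandom_min": min_entropy_bits_per_byte(real),
        "replay_identical": det == replay,
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:>24}: {value}")
```

Both streams score close to 8 bits per byte, yet the deterministic one replays byte for byte, so its actual unpredictability to someone who knows the model is zero.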