On Thu, May 02, 2002 at 06:32:56AM +0200, Robert Millan wrote: > "EGD is an Entropy Gathering Daemon meant to be used on systems that can run > GPG but which don't have this [/dev/random] convenient source of random bits."
hat might be what it claims to be, but it is still useful outside of this context. > This is not really useful on GNU/Linux. It would be useful on GNU for some > time untill we have a complete random translator, but that translator > gathering entropy from EGD makes the whole process slower. It can be used on GNU/Linux to generate fairly good randomness without draining the system random pool. One defect in the Linux random implementation is that both urandom and random drain the same entropy pool. If you don't need strong cryptographic random, you don't need the secureness of /dev/random, but using /dev/urandom is basically a DoS attack on /dev/random (bringing programs like gpg to their knees wrt entropy). > Why not just looking at EGD's sources to learn where does it take > entropy from and incorporating that features to the translator? It doesn't belong there. The translators job is only to mix together the entropy sources and provide a stream of random numbers. It will use (eventually) libchannel to access various sources, like the Mach device, or the egd fifo, but it will not implement such sources itself. (I might reconsider that, but I really don't see a need). Thanks, Marcus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]