On 02/26/2014 12:08 AM, Hauke Laging wrote:
> I suggest adding a new key generation mode. The only difference would be
> that the random input is not read from /dev/random any more (and that
> random_seed would not be used or newly initialized) but from an explicit
> source: --random-source /path/to/file. With that (I guess very small)
> change, every GnuPG installation should generate the same key material
> (of course, the timestamps would have to be given, too).
>
> Then people who need a very high level of security could create a pool
> of random data (e.g. by reading from /dev/random) and use this data and
> the same timestamps with different Linux distros, even with Windows. ;-)
>
> If the generated keys are exactly the same on all systems then it is
> very improbable that the key generation has been compromised (or all is
> lost anyway).
>
> This would be much easier (and thus available to normal people) than
> attempts to audit a distro.
If I were an attacker who was compromising your software and I knew the software had this verification mode, I would make my modified software generate keys "correctly" when in this verification mode (clearly the software can tell when the entropy source is not /dev/random), and when it was not in this verification mode I would do my devious known-key "generation". So I don't see how this proposed change would let anyone sleep easier at night, unfortunately.

--dkg
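The objection in the reply above can be made concrete with a small model. The following is an added example, not GnuPG code and not code from either poster: key generation is stood in for by a deterministic HMAC-SHA256 derivation from the entropy and the timestamp (real OpenPGP key generation is far more involved, but the argument does not depend on that). The "trojaned" generator derives honestly whenever the caller names an explicit random source, exactly as the proposal would, and switches to a seed known to the attacker only when the source is /dev/random. The pool bytes, the timestamp and the attacker seed are all constructed for the example.

```python
"""Model of the --random-source proposal and the objection to it.

Key generation is modelled as keygen(entropy, timestamp) -> key bytes, so
that "same entropy + same timestamp on two installations gives the same
key" is trivially true for an honest implementation.  This is an
illustration, not GnuPG's algorithm.
"""
import hashlib
import hmac
import os

# Hypothetical seed the attacker baked into the trojaned binary.
ATTACKER_SEED = b"seed known only to the attacker (constructed)"


def honest_keygen(entropy: bytes, timestamp: int) -> bytes:
    """Deterministic derivation of key material from entropy and timestamp."""
    return hmac.new(entropy, timestamp.to_bytes(8, "big"), hashlib.sha256).digest()


def trojaned_keygen(entropy: bytes, timestamp: int, random_source: str) -> bytes:
    """Compromised generator.

    When the user supplies an explicit random source (the proposed
    verification mode), behave exactly like the honest generator so that
    cross-checks between installations pass.  In normal operation, ignore
    the real entropy and derive from the attacker's seed instead.
    """
    if random_source != "/dev/random":
        return honest_keygen(entropy, timestamp)
    return honest_keygen(ATTACKER_SEED, timestamp)


def cross_check(pool: bytes, timestamp: int, random_source: str) -> bool:
    """The proposed check: feed the same pool and timestamp to a trusted
    installation (modelled by honest_keygen) and to the suspect one, and
    compare the resulting key material."""
    trusted = honest_keygen(pool, timestamp)
    suspect = trojaned_keygen(pool, timestamp, random_source)
    return hmac.compare_digest(trusted, suspect)


def attacker_can_predict(timestamp: int, key: bytes) -> bool:
    """Whether the key is the one the attacker can recompute from the
    timestamp alone (timestamps are public in OpenPGP keys)."""
    return hmac.compare_digest(key, honest_keygen(ATTACKER_SEED, timestamp))


def demo() -> tuple[bool, bool, bool]:
    """Returns (verification_passed, production_key_predictable,
    honest_production_key_predictable)."""
    pool = bytes(range(32))          # constructed stand-in for a saved /dev/random pool
    timestamp = 1393372080           # constructed key creation time

    # Step 1: the user runs the verification mode on the suspect binary.
    verification_passed = cross_check(pool, timestamp, "/path/to/pool")

    # Step 2: the user then generates the key they actually use, with the
    # default entropy source.  The trojan is active here.
    production_key = trojaned_keygen(os.urandom(32), timestamp, "/dev/random")
    predictable = attacker_can_predict(timestamp, production_key)

    # For comparison: an honest generator's production key is not predictable.
    honest_key = honest_keygen(os.urandom(32), timestamp)
    honest_predictable = attacker_can_predict(timestamp, honest_key)

    return verification_passed, predictable, honest_predictable


if __name__ == "__main__":
    passed, predictable, honest_predictable = demo()
    print(f"verification mode passed:            {passed}")
    print(f"production key attacker-predictable: {predictable}")
    print(f"honest production key predictable:   {honest_predictable}")
```

The check passes and the production key is still attacker-controlled, because the binary can distinguish the two modes. The check only has teeth if the generator cannot tell it is being tested, which the explicit --random-source switch rules out by design.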
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users