I have not checked (hint!) the source code (hint!) specifically, but I have a vague recollection that 1.4 depended heavily or completely on /dev/random. If the system RNG is secure, so are the keys generated by GPG 1.4. It might be advisable to have the box running for some time (a day or more if possible) to ensure that sufficient entropy has been gathered before generating keys.
For Linux systems, for about five years now at system boot /dev/urandom is initialized. Once it's fully initialized, calls to /dev/random are silently redirected to /dev/urandom. It doesn't take long at all for /dev/urandom to spin up, either.
A *lot* of effort has been put into making /dev/urandom a high quality CSPRNG. I highly recommend using it, and only it, and especially recommend abandoning any attempts at rolling your own CSPRNG.
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
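An added example, not part of the thread or of GnuPG's code: rather than waiting a day for entropy, a program on Linux can ask the kernel whether its CSPRNG has finished initializing. The sketch assumes glibc 2.25 or later and uses getrandom(2), which without GRND_RANDOM draws from the same source as /dev/urandom; the function and constant names are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Hypothetical result codes for this example. */
enum { RNG_OK = 0, RNG_NOT_READY = 1, RNG_ERROR = -1 };

/* Fill buf with len bytes from the kernel CSPRNG without ever blocking.
 * GRND_NONBLOCK makes getrandom() fail with EAGAIN while the pool is
 * still uninitialized (early boot) instead of waiting for it. */
int fill_random(unsigned char *buf, size_t len)
{
    size_t done = 0;
    while (done < len) {
        ssize_t n = getrandom(buf + done, len - done, GRND_NONBLOCK);
        if (n > 0) { done += (size_t)n; continue; }  /* short read: keep going */
        if (n < 0 && errno == EINTR) continue;       /* interrupted by a signal */
        if (n < 0 && errno == EAGAIN) return RNG_NOT_READY;
        return RNG_ERROR;                            /* ENOSYS, EFAULT, ... */
    }
    return RNG_OK;
}

/* Sanity check: two independent 32-byte draws must not be identical.
 * Returns 1 if they differ, 0 if equal, -1 if the RNG was unavailable. */
int two_draws_differ(void)
{
    unsigned char a[32], b[32];
    if (fill_random(a, sizeof a) != RNG_OK) return -1;
    if (fill_random(b, sizeof b) != RNG_OK) return -1;
    return memcmp(a, b, sizeof a) != 0;
}

int main(void)
{
    unsigned char key[32];
    int rc = fill_random(key, sizeof key);
    if (rc == RNG_NOT_READY) {
        fprintf(stderr, "kernel CSPRNG not initialized yet; retry later\n");
        return 1;
    }
    if (rc != RNG_OK) { perror("getrandom"); return 2; }
    puts("kernel CSPRNG is initialized; 32 bytes drawn");
    return 0;
}
```

On a machine that has finished booting, the not-ready branch is not expected to trigger; it matters for code that runs very early in boot, such as first-boot key generation.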
