[dm-crypt] Research on practical software crypto random number generation

Arno Wagner arno at wagner.name
Thu Oct 24 14:30:22 CEST 2013

As this topic crops up on the list frequently (and deservedly),
here is a current reference by Nadia Heninger et. al. that 
discusses this problem in the context of generating SSH/SSL keys 
and certificates. This paper has a nicely strong experimental
section that validates the analysis, quite in contrast to a
lot of other work in the field. 

This was in a Blog article some time ago, but they now have a 
short and a long paper linked here:


I can particularly recommend reading Sections 4.1, 4.2 and
5.1 of the long paper.

Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare

More information about the dm-crypt mailing list