BlackHat - practical SW RNG entropy weaknesses

Jim Cheetham jim at gonzul.net
Wed Aug 12 02:55:41 BST 2015


http://www.theregister.co.uk/2015/08/11/your_numbers_arent_random_says_infosec_boffin/

Links to the presentation PDF, which reveals that is is mostly about how
OpenSSL gets things wrong in unusual ways.
Fixes the problem by introducing libWES, which will fix OpenSSL for you :-)

libWES will read from /dev/random already, so OneRNG/rngd will contribute
goodness to your OpenSSL.

-jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ourshack.com/pipermail/discuss/attachments/20150812/a8d062ce/attachment.html>


More information about the Discuss mailing list