BlackHat - practical SW RNG entropy weaknesses
Jim Cheetham
jim at gonzul.net
Wed Aug 12 02:55:41 BST 2015
http://www.theregister.co.uk/2015/08/11/your_numbers_arent_random_says_infosec_boffin/
Links to the presentation PDF, which reveals that is is mostly about how
OpenSSL gets things wrong in unusual ways.
Fixes the problem by introducing libWES, which will fix OpenSSL for you :-)
libWES will read from /dev/random already, so OneRNG/rngd will contribute
goodness to your OpenSSL.
-jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ourshack.com/pipermail/discuss/attachments/20150812/a8d062ce/attachment.html>
More information about the Discuss
mailing list