This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
gnupg and /dev/random
- From: "Gergely Budai" <thuffir at gmx dot de>
- To: <cygwin-apps at cygwin dot com>
- Date: Fri, 28 Mar 2008 17:50:37 +0100
- Subject: gnupg and /dev/random
Dear Community!
It appears to me that gnupg has always been using /dev/random on cygwin since it's first release (1.0.7-1). AFAIK cygwin is using
CryptGenRandom() for this device. According to Wikipedia, several "significant weaknesses" had been found recently in the Windows
2000 and XP implementation of that function. According to that same Wikipedia article, Microsoft is planning to fix that bug with
the release of SP3 for XP, but not planning (at least did not tell to do so) to fix it for Windows 2000.
Since the presence of a strong cryptographical random function is the prerequisite of cryptography and some of us are sill going to
use Cygwin on Windows 2000 in the future, my question is the following:
Would not it be better to configure the future gnupg cygwin releases not to use /dev/random, but the builtin and specially for
windows developped randomness entropy gatherer (rndw32.c)?
Looking forward to your kind oppinions,
Gergely Budai
Sources:
http://en.wikipedia.org/wiki/CryptGenRandom