Web forum is in read-only mode. Login as active registered customer for write access
  Forum Search   New Posts New Posts

ECC Key Generation Linux

 Post Reply Post Reply
Author
Schumann Michael View Drop Down
Member
Member
Avatar

Joined: 26 Sep 2015
Posts: 65
Post Options Post Options   Quote Schumann Michael Quote  Post ReplyReply Direct Link To This Post Topic: ECC Key Generation Linux
    Posted: 10 Jun 2019 at 10:46am
Sorry for bugging again, I again receive the "hang" on ECC key generation in Linux 64 with Version 3.5.1.0. Would you mind having a look into this?
Back to Top
Marion Candau View Drop Down
Member
Member
Avatar

Joined: 12 Aug 2016
Posts: 64
Post Options Post Options   Quote Marion Candau Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 11:23am
Hi Michael,
I will release a new version very soon to fix this bug.
Best regards,
Marion
Back to Top
Schumann Michael View Drop Down
Member
Member
Avatar

Joined: 26 Sep 2015
Posts: 65
Post Options Post Options   Quote Schumann Michael Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 11:48am
Hello Marion,

for couriosity I tested setting nacl to naclyes and my unit tests ran completely also in linux. I would be grateful if there would be a safe fix or switch (e.g. to a less secure but reliable random source) that I could use across the versions...

Thanks!
Back to Top
Marion Candau View Drop Down
Member
Member
Avatar

Joined: 12 Aug 2016
Posts: 64
Post Options Post Options   Quote Marion Candau Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 11:52am
Hello Michael,
If your test ran on linux, it's because there was enough entropy for the random number generator this time, it has nothing to do with the NaCL option.
Best regards,
Marion
Back to Top
Schumann Michael View Drop Down
Member
Member
Avatar

Joined: 26 Sep 2015
Posts: 65
Post Options Post Options   Quote Schumann Michael Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 12:35pm
Hello Marion, thanks for the explanation. Is there a way to create entropy on a linux server somehow? And what does the NaCl Option do? I did not find any explanation in the manual, I know that "salt" is a popular encryption project ;-) The switch had no influence even on those unit tests that had hard coded results.

Best regards,
Michael
Back to Top
Marion Candau View Drop Down
Member
Member
Avatar

Joined: 12 Aug 2016
Posts: 64
Post Options Post Options   Quote Marion Candau Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 1:05pm
Hello Michael,
The entropy is created by the activity on the server, i.e. process, HDD access, keyboards timings, IDE timings.
The NaCl option is to have keys and cryptograms interoperable with the NaCl library : https://nacl.cr.yp.to/
Best regards,
Marion
Back to Top
Schumann Michael View Drop Down
Member
Member
Avatar

Joined: 26 Sep 2015
Posts: 65
Post Options Post Options   Quote Schumann Michael Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 1:30pm
Hello Marion,
could you imagine introducing an option to use an pseudo number generator instead of the machine entropy (surely making things a bit less secure) to make it reliable on machines that have very little activity an no GUI activity like a standby server? I would trade that for a bit of security and one would have a choice.
Is there any drawback using NaClYes?
Best regards,
Michael
Back to Top
Marion Candau View Drop Down
Member
Member
Avatar

Joined: 12 Aug 2016
Posts: 64
Post Options Post Options   Quote Marion Candau Quote  Post ReplyReply Direct Link To This Post Posted: 10 Jun 2019 at 2:03pm
Hello Michael,
In the next release (coming in the next days), I have replaced /dev/random by /dev/urandom which uses the entropy machine even if the pseudorandom number generator seed was not fully initialized with entropy since boot.
The difference between naclno and naclyes is the byte order in the generation of keys and cryptograms.
Best regards,
Marion
Back to Top
Schumann Michael View Drop Down
Member
Member
Avatar

Joined: 26 Sep 2015
Posts: 65
Post Options Post Options   Quote Schumann Michael Quote  Post ReplyReply Direct Link To This Post Posted: 13 Jun 2019 at 10:57am
Hello Marion,

thanks a lot! I love this library!

Bst regards
Michael
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down