diana_coman: http://btcbase.org/log/2017-11-14#1737414 <- confirmed; I do NOT use any nextprime or other "rng"-parts from gpg; current rsatron prototype simply grabs nbits from fg, flips the 2 top bits and 1 bottom bit as per previous discussion and then checks if result is prime; if prime then keep, otherwise discard and try again; no "add 2 until prime" or other such thing
mircea_popescu: the reason is that (in a translation of what koch-gpg does into sanity) you take 2045 bits of rng for each possible prime, stick 11 in front and 1 in the tail and THAT is your 2048 bit prime candidate.
mircea_popescu: ;;later tell bingoboingo "Following the news of a serious RNG bug affecting all GPG versions a low energy shitgnome campaign of apologetics and "not that bad" followed." << can i get a "The fact that hundreds of GPG keys have been Phuctored in the past year has, of course, nothing to do with all this." added ?
mircea_popescu: asciilifeform same people who check the gpg rng unwhitened.
mircea_popescu: asciilifeform incidentally, "owned by whitening" is not altogether a bad theory wrt the null-entropy keys. ie, "they replaced rng with null-outputting one, never noticed because whitening". this, of course, doesn't explain why gpg would end up with null-generated keys, but whatevs.
ascii_field: there are 3 separate rng subsystems in gpg 1.4 - but more on this later)
mircea_popescu: asciilifeform there's possibly more rng customers than gpg customers imo
mike_c: of course, to securely gpg it i would need a high-quality rng.. where could i get one of those i wonder.