Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] How do I add entropy?

On Sun, Sep 7, 2014 at 8:52 AM, Kent Borg <kentborg at> wrote:
> A public key of 4096-bits is like a much shorter symmetric key (~200-bits?),
> so unless you are generating a bunch of keys, you shouldn't have any
> problem.

An RSA key of size 4096 bits has *security* equivalent somewhere
between 128 and 200 bits (which sometimes gets rounded down to 128
since < 256 bits), but that is *not* a measure of how much entropy its
generation will consume.
    Generating two 2kbit primes will consume a *lot* of entropy from
/dev/random, because each random candidate-prime must be tested by
hundreds of random 'witness' numbers (potentially upto 1kbit in size).

Generating one 256bit random symmetric key would be far far more
efficient in terms of entropy consumed, but that doesn't get you all
the key management and authentication benefits of Public Key.

(Generating RSA keys on a virtual box could be very very slow as they
don't have hardware entropy sources available.)

Bill Ricker
bill.n1vux at

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /