I have following question: When i create a RSA key pair, i must wait
ca 60 minutes until the generation process is finished. DSA took 2 or
3 minutes. The signing-process took a few seconds. Did i misconfigure
something? Or is this normal?
I used Suse Enterprise 11 runing on a VM with 1 GB Memory and 2 assigned CPUs.
PS: Great job ,-). Gnomint is really great and helped me a lot.
2009/7/28 Holger Naussed <fizban@...>
> I have following question: When i create a RSA key pair, i must wait
> ca 60 minutes until the generation process is finished. DSA took 2 or
> 3 minutes. The signing-process took a few seconds. Did i misconfigure
> something? Or is this normal?
> I used Suse Enterprise 11 runing on a VM with 1 GB Memory and 2 assigned
> PS: Great job ,-). Gnomint is really great and helped me a lot.
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> what you do best, core application coding. Discover what's new with
> Crystal Reports now. http://p.sf.net/sfu/bobj-july
> gnoMint-users mailing list
It can be normal: it all depends on the entropy your system is gathering
during the creation of the key.
As it was said in gnoMint review by Linux.com:
"Having good random data is an absolute requirement for strong cryptography.
For example, when you are generating keys you want the values used as parts
of these new keys to be completely non-predictable so that anyone trying to
break your encryption has to try a huge number of possible values to guess
what your key might be.
If you are experimenting with gnoMint, you might run out of strong random
data on your machine before you start generating certificates that you are
actually going to use. Network traffic and mouse and keyboard activity will
gradually restore your random data. If you do not have enough random data,
gnoMint will wait until it can get enough, which might take a whille.
One area where a lot of random data is required is the first operation you
are likely to perform, adding a self-signed certificate (which you will then
use to sign other certificates) to your certificate database. "
I recommend installing a true entropy improver, such as randomsound (
http://www.digital-scurf.org/software/randomsound), that gathers entropy
from the sound card input noise.
David Marín Carreño