Question

1

Level of entropy in full disk encryption

rated 0 times [ 1] [ 0] / answers: 1 / hits: 472 / 3 Years ago, thu, august 19, 2021, 12:48:49

I would like to know how high the level of entropy is when installing Ubuntu and encrypting the installation. As far as I know, the only partition that is not encrypted is the /boot partition because it has the boot loader unencrypted. When I use TrueCrypt to encrypt Windows, I am asked to move the mouse cursor inside the window to create a pool to improve the level of entropy.

As Ubuntu does not offer something like that, how can I be sure the keys, salts etc. are secure enough?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

rtbrbab

Add To Favorites

Follow

Total Points: 461

Total Questions: 126

Total Answers: 117

Location: Saudi Arabia

Member since Fri, Jul 1, 2022

2 Years ago

answered 3 Years ago ndeecru · Accepted Answer

While you might not be asked to move your mouse, it will still help build entropy/feed your random number generator.

In Linux, /dev/random is your PRNG. /dev/urandom is fed by /dev/random, but provides more raw data to use.

Accessing data on HDDs, moving the mouse and typing are all actions that will help feed your random number generator.

Unfortunately, when you're in Ubuntu's LiveCD mode, you most likely will not have many things to do that might cause increases in entropy generation.

You can, however, rest easy and know that random number generation in Linux has been under peer review and should be safe. If you can't accept this for yourself, you're more than welcome to check out the kernel source.