That is, I see for some Computer OS’s computers use Intel Firmware to generate/acquire Entropy for creating Encryption Keys. Long ago we were asked to move cursor around, type onto screen.
As I wrote about on the general forum. The requirement for Windows to use TPM 2 for Windows 11 was said to be for creating Encryption Keys better. ???
To be more specific. If I am creating the Initial Luks hard drive encryption key on install. Then what parts of the MOBO, Firmware, or Intel involved? Why do the Qubes developers trust this?
If I am creating the login Encryption for Qubes account. Same questions.
If I am creating a PGP keypair to use for Email. Same questions.
If I use a Nitro Key/Librem which I read somehow creates Encryption. Same Questions.
Coming back to, and I am sure that you folks are far more up on this than I am. What makes the Qubes Developers sure the current means of generating Encryption keys with, in Qubes 4.1 is reasonable secure?