On Tue, Sep 12, 2000 at 09:34:41AM -0700, Bill Browning wrote:
> I am considering calling RAND_seed at different times during my program, I
> was wondering what people who really understand PRNG and the openssl PRNG
> library would think of the following scenario:
>
> 1. Assume the application runs forever.
> 2. Once per day lots of random information is collected from several
> sources (ie, mouse moves, time between key presses etc.)
> 3. I take all this data and call RAND_seed with it.
>
> Am I going to improve the "randomness" of numbers from the PRNG by doing
> this? Or am I just wasting clock cycles?
Whenever you add entropy to the PRNG, its state changes. That makes it more
difficult for an attacker. Adding seed material on the fly is a standard technique;
it is done by OpenSSH, mod_ssl, Postfix/TLS...
The most straightforward idea is to add entropy whenever random data is
retrieved, but doing it on a periodic basis is also not bad.
I would however think that doing it more often with a smaller amount of data
is better, as an attacker that sucks large amounts of data from the PRNG
has more problems when the state changes often...
Go ahead,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
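The argument in Lutz's reply can be run rather than just read. The following is an added example, not code from the thread and not OpenSSL's own generator: a deliberately simplified hash-chained PRNG (`ToyPRNG`, a stand-in for the OpenSSL PRNG) in which `add()` plays the role of `RAND_seed()`/`RAND_add()` and `bytes()` the role of `RAND_bytes()`. An attacker who has read the internal state (modelled by `clone()`) predicts every later output until fresh, attacker-unknown entropy is mixed in; the reseed interval therefore bounds the number of predictable outputs. The last scenario shows the caveat that reseeding with data the attacker can guess, such as the wall-clock time, changes nothing. All inputs are constructed inline; `os.urandom` is only used where the point is that the data is unknown to the attacker.

```python
import hashlib
import os


class ToyPRNG:
    """Hash-chained PRNG used only to illustrate reseeding.

    This is NOT OpenSSL's generator and must not be used for anything real;
    it exists so the state-compromise argument can be executed and checked.
    """

    def __init__(self, seed: bytes) -> None:
        self.state = hashlib.sha256(b"init|" + seed).digest()
        self.counter = 0

    def add(self, entropy: bytes) -> None:
        """Mix fresh material into the state; the analogue of RAND_seed()/RAND_add()."""
        self.state = hashlib.sha256(b"add|" + self.state + entropy).digest()

    def bytes(self, n: int) -> bytes:
        """Produce n output bytes; the analogue of RAND_bytes()."""
        out = b""
        while len(out) < n:
            self.counter += 1
            out += hashlib.sha256(
                b"out|" + self.state + self.counter.to_bytes(8, "big")
            ).digest()
            # Ratchet forward so the current state does not reveal earlier outputs.
            self.state = hashlib.sha256(b"next|" + self.state).digest()
        return out[:n]

    def clone(self) -> "ToyPRNG":
        """Exact copy of the internal state: an attacker who managed to read it."""
        c = ToyPRNG.__new__(ToyPRNG)
        c.state, c.counter = self.state, self.counter
        return c


def predictable_without_reseed() -> bool:
    """State leaks once and no entropy is ever added: the attacker predicts everything."""
    victim = ToyPRNG(os.urandom(32))
    victim.bytes(64)                       # some normal use before the leak
    attacker = victim.clone()              # the leak happens here
    return attacker.bytes(16) == victim.bytes(16)   # True


def predictable_after_reseed(fresh_entropy: bytes) -> bool:
    """State leaks, then RAND_seed()-style mixing of data the attacker does not know."""
    victim = ToyPRNG(os.urandom(32))
    victim.bytes(64)
    attacker = victim.clone()
    victim.add(fresh_entropy)              # e.g. collected mouse/keystroke timings
    return attacker.bytes(16) == victim.bytes(16)   # False


def predictable_with_guessable_reseed(guessable: bytes) -> bool:
    """Caveat: reseeding with data the attacker can replay does not help."""
    victim = ToyPRNG(os.urandom(32))
    attacker = victim.clone()
    victim.add(guessable)                  # e.g. the wall-clock time
    attacker.add(guessable)                # attacker simply applies the same value
    return attacker.bytes(16) == victim.bytes(16)   # True


def predictable_outputs(reseed_every: int, total: int) -> int:
    """Number of the first `total` outputs an attacker who captured the state at t=0
    still predicts when unknown entropy is mixed in before every reseed_every-th output.
    Once the states diverge, a 16-byte accidental match is negligible, so the count
    equals the length of the window before the first reseed."""
    victim = ToyPRNG(os.urandom(32))
    attacker = victim.clone()
    hits = 0
    for i in range(total):
        if i > 0 and i % reseed_every == 0:
            victim.add(os.urandom(8))      # small, but unpredictable, contribution
        if attacker.bytes(16) == victim.bytes(16):
            hits += 1
    return hits


if __name__ == "__main__":
    print("no reseed, fully predictable:", predictable_without_reseed())
    print("reseed with unknown data, predictable:",
          predictable_after_reseed(b"mouse 12,34 keydelay 187ms"))
    print("reseed with guessable data, predictable:",
          predictable_with_guessable_reseed(b"Tue Sep 12 09:34:41 2000"))
    for interval in (1, 24, 1000):
        print(f"reseed every {interval} outputs -> {predictable_outputs(interval, 100)}"
              " of 100 outputs predictable")
```

The `predictable_outputs` figures are what the "more often with a smaller amount of data" suggestion is about: a daily reseed leaves a full day of outputs exposed after a state compromise, a reseed before every few requests leaves only those few, provided each contribution is genuinely unknown to the attacker. In real OpenSSL code the equivalent of `add()` is `RAND_add(buf, num, entropy)` (with `RAND_seed(buf, num)` being the same call with `entropy == num`), and the generator only benefits to the extent that the supplied bytes really are unpredictable.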