On Fri, Jul 1, 2011 at 1:14 PM, Vladimir Belov <ml.vladimbe...@gmail.com> wrote: > Hello. > I'll collect entropy(random bytes) myself on Windows. How many random > bytes I must give for function RAND_seed to seed PRNG properly in two cases: Why not allow OpenSSL to auto seed itself? If you have an overwhelming desire to provide entropy, why not use Windows (http://msdn.microsoft.com/en-us/library/aa379942(v=vs.85).aspx)?
As for the number of bytes required, I don't recall reading anything for asymmetric key generation. For symmetric ciphers, Gutmann recommends [key size in bits] + 64 bits (though Gutmann wrote the paper, I believe I read it from NIST's site). > 1) Generating RSA keys. > > 2) Programming SSL-TLS. And where I must call RAND_seed during SSL-TLS > programming? > > I think internal functions of OpenSSL call RAND_bytes when they need random > data. So, it is very important for me to understand how RAND_seed and > RAND_bytes work together. I don't understand how it works. http://www.openssl.org/docs/crypto/RAND_bytes.html > For example, if I have seeded PRNG with 256 bytes, how many random bytes I > can get with RAND_bytes after that and be sure that they are unpredictable > enough (good for cryptographic operations)? http://groups.google.com/group/mailing.openssl.users/search?group=mailing.openssl.users&q=rand_bytes+entropy&qt_g=Search+this+group Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
