> On 30 May 2018, at 11:55 PM, Michael Wojcik <[email protected]>
> wrote:
>
>> From: openssl-users [mailto:[email protected]] On Behalf
>> Of FooCrypt
>> Sent: Tuesday, May 29, 2018 21:41
>> To: [email protected]
>> Subject: Re: [openssl-users] PRNG is not seeded
>>
>>> On 30 May 2018, at 8:58 AM, Scott Neugroschl <[email protected]> wrote:
>>>
>>> I’m using PRNGD to seed my random numbers (I’m on a system without
>>> /dev/random and /dev/urandom). I occasionally get the dreaded “PRNG is
>>> not seeded” error.
>>
>> I don’t know your OS or environment, have you tried the ‘openssl rand’
>> functionality as a random source to seed your entropy issues ?
>
> Where would openssl rand be getting its entropy from, in this case? You have
> a circular dependency: openssl needs entropy, so it tries to get it from
> PRNGD; and you're asking openssl to put entropy into PRNGD.
>
Usage: rand [options] num
where options are
-out file             - write to file
-engine e             - use engine e, possibly a hardware device.
-rand file:file:...   - seed PRNG from files
-base64               - base64 encode output
-hex                  - hex encode output

RAND(1) describes the multiplicity of sources that can all be used together in
some detail.

DESCRIPTION
    The rand command outputs num pseudo-random bytes after seeding the
    random number generator once. As in other openssl command line tools, PRNG
    seeding uses the file $HOME/.rnd or .rnd in addition to the files given in
    the -rand option. A new $HOME/.rnd or .rnd file will be written back if
    enough seeding was obtained from these sources.

    ls -la ~/.rnd
    -rw------- 1 XXXXX XXXXX 1024 30 May 10:45 .rnd

Make some .rnd’s

    dd if=/dev/[SOMEDEVICE] of=~/.rnd bs=1 count=1024

Make an engine

Microphones work wonders and you can play with the sound, count,
etc….etc….etc...

>> perhaps rather than pseudo random, try a hardware device ?
>
> Now, this is a case where you might use openssl rand, in conjunction with
> engine, to get entropy from another source. That could be a useful hack if
> you can't easily change PRNGD or the application to read entropy from the
> device.
>
> For example, I think I successfully used openssl with the pkcs11 engine to
> get entropy from a NitroKey device a couple of years back, when I was playing
> around with cheap HSMs.
>
> Whether something like the NitroKey (which is an inexpensive USB-attached HSM
> in a thumbdrive form factor) would be useful in this case is something Scott
> would have to determine.
>
> If it is, it'd be cleaner if he could change the application to load the
> pkcs11 engine and use its RNG directly, or at least get entropy from it to
> seed OpenSSL's PRNG.
>
>>> I know this is caused by a lack of available entropy in the system; but what
>>> can I do to address this? Is it just a matter of waiting until enough entropy
>>> has been collected? Is there any kind of workaround?
>
> Depends on what sources PRNGD uses (I haven't looked), what the device is,
> what the application is... If the device has sensors you can read, you might
> be able to gather some entropy by reading noise from them (though this is
> somewhat fraught - you don't want to overestimate the amount of entropy, and
> both sensors and sensor APIs are often vulnerable to attack).
>
> Sometimes applications ask users to generate some entropy by asking them to
> bang on the keyboard or wiggle the mouse, or that sort of thing. Again, it
> really depends on what your device and application are.
>
> This topic is discussed at some length in the technical literature; see for
> example section 3 of RFC 4086.
>
> --
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
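Added example, not part of the original thread or of OpenSSL: the caution above about overestimating the entropy of sensor readings, applied to a 1024-byte capture like the .rnd file shown earlier. It uses the most-common-value estimator from NIST SP 800-90B; the function names, the 0.5 safety factor, the 256-bit target and both sample captures are assumptions constructed for illustration.

```python
import math
import random
from collections import Counter

Z_99 = 2.576  # z-value used by the SP 800-90B most-common-value estimate


def min_entropy_per_sample(samples):
    """Most-common-value estimate: conservative bits of min-entropy per sample.

    Assumes samples are independent; correlated readings carry less than this.
    """
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    p_hat = Counter(samples).most_common(1)[0][1] / n
    # Upper confidence bound on the probability of the most likely value.
    p_upper = min(1.0, p_hat + Z_99 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return max(0.0, -math.log2(p_upper))


def credited_bits(samples, safety_factor=0.5):
    """Entropy to credit for the whole capture (safety_factor is an assumption)."""
    return math.floor(len(samples) * min_entropy_per_sample(samples) * safety_factor)


def enough_for_seed(samples, target_bits=256):
    """True if the capture alone justifies a target_bits seed (256 is assumed)."""
    return credited_bits(samples) >= target_bits


# Constructed captures, 1024 one-byte samples each (same size as the .rnd above).
_rng = random.Random(2018)  # stands in for a sensor; NOT an entropy source
STUCK = bytes([128]) * 1024  # muted or disconnected input
QUIET = bytes(_rng.choices([127, 128, 129], weights=[1, 14, 1], k=1024))

if __name__ == "__main__":
    for name, capture in (("stuck", STUCK), ("quiet", QUIET)):
        print(name, len(capture) * 8, "nominal bits,",
              credited_bits(capture), "credited,",
              "enough" if enough_for_seed(capture) else "not enough")
```

Both captures are 8192 bits by size, yet neither is credited with enough entropy for the assumed 256-bit seed, which is why the byte count of a seed file says nothing about whether the PRNG was properly seeded.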