On Wed, Mar 31, 2010, Anthony Gabrielson wrote:
>
> Hello,
>
> I'm actually writing a Matlab toolbox that uses OpenSSL. I put together a
> function, actually its really heavily based on the OpenSSL book, that
> generates random keys and IV. Anyway, I wasn't comfortable with how I was
> seeding
- Original Message -
From: "Dr. Stephen Henson"
To: openssl-users@openssl.org
Sent: Wednesday, March 31, 2010 7:43:06 AM GMT -05:00 US/Canada Eastern
Subject: Re: Random Numbers
You can use RAND_bytes() on Windows and the OpenSSL PRNG will be automatically
seeded fr
On Tue, Mar 30, 2010, Anthony Gabrielson wrote:
> Hello,
>
> I've been searching around and I'm not finding much on
> OpenSSL and random numbers. I'm trying to figure out how to best use
> RAND_bytes and RAND_pseudo_bytes; do I still need to worry about entropy or
> does OpenSSL
On Tue, Mar 30, 2010 at 11:48 PM, P Kamath wrote:
> I said it is an RNG, not cryptographic RNG. By adding current time source,
> however crude, and doing a sha1/md5, why should it not be cryptoPRNG? What
> properties should I look for?
Taking a hash of an entirely predictable (or narrowly bo
P Kamath wrote:
> I said it is an RNG, not cryptographic RNG. By adding current time
> source,
> however crude, and doing a sha1/md5, why should it not be cryptoPRNG?
> What
> properties should I look for?
You should look for a cryptographically-secure random number generator.
Seriously, you sh
Of Victor Duchovni
Sent: Tuesday, March 30, 2010 9:53 PM
To: openssl-users@openssl.org
Subject: Re: Random Numbers
On Tue, Mar 30, 2010 at 07:43:39PM -0700, P Kamath wrote:
> At one point of time, we had used tt800.c random number generator
(available
> on the net - a small file sized 2kB
On Tue, Mar 30, 2010 at 07:43:39PM -0700, P Kamath wrote:
> At one point of time, we had used tt800.c random number generator (available
> on the net - a small file sized 2kB), and sha'd or md5'd the output into a
> stream. From the output, we filtered out weak keys, if any.
I hope nobody else do
At one point of time, we had used tt800.c random number generator (available
on the net - a small file sized 2kB), and sha'd or md5'd the output into a
stream. From the output, we filtered out weak keys, if any.
_
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openss
Thanks for the info. I have a follow-up question based
on my specific situation. The cipher suite I am
forcing the client and server to negotiate to is
EDH-RSA-DES-CBC3-SHA(I am also requiring sslv3). That
being the case, is not having true randomness on the
client a risk? How good is the randomiz
raghuram belur wrote:
>
> Unfortunately, requesting input from the user is not
> an option for the application that I am working on.
> This is one of the reasons why I am trying to see if
> there is a way to "dumb down" the randomization on the
> client and make it mostly a server side issue. I a
Raghuram Belur wrote:
> I am wondering if it is possible to use some simple cross-platform
> [PRNG] on the client which is probably not too hard to guess and use
> a more robust mechanism such as an entropy gathering daemon on the
> server
You will have to be very careful. For example, if you u
For linux and perhaps other unixes /dev/random is a good example. To
simplify somewhat,
the operating system reads garbage from the hardware and posts it to
this file. If you do a
cat /dev/random you'll get some first hand experience with this file.
That's what it would look
like. Use the conte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
>What would a good RANDFILE look like?
If I could tell you that, it wouldn't be random, would it?
Jon
-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.0.2i
iQA/AwUBN0EXpngWiDO86u4+EQKBkQCg+p6KprlTKIxC+0WXfqKa5j9EUQ0AoN9+
uXWTeQoJqDDL+
13 matches
Mail list logo
