Hi, I have been asked by to verify the quality of the random numbers which are used for certificate requests that are being sent to us, to make sure that they are good enough, and we don´t issue certificates for weak keys.
The client applications that generate the keys and issue the certificate requests are the usual software landscape OpenSSL, IE, Firefox, SmartCards, ... and we would like to be able to accept all normally used software. We are being asked to either issue the keys for our users (I don´t want to), or alternatively demand the users to have good quality random numbers with a contract for the user. Now it might be easy that I demand the user to have good random numbers, but the first question will likely be "and how do I do that?" or "which software/hardware does that?" So I guess I have to ask the vendors, whether ther random numbers are good enough. But what if they just say "yes" or "no"? I think the better way would be if I had a possibility to verify the quality of the random numbers used in a certificate request myself, without the dependence on the vendor. From what I remember of the usual RSA key generation, random numbers gathered are being put into a field with the expected keysize. Then the first and last bit is set to 1, to make sure that the key has the necessary size, and to have it odd (not to be devidable by 2). Then it is verified for primeness, and if the check is ok, the number is used. So if I extract the key, remove the first and the last bit, then I should have the pure random numbers that are being used. If I do that with lots of keys, I should have a good amount of random material for the usual statistical tests. Am I right? Am I wrong? Has anyone done that before? Any other, better ideas? Should I do it that way? Best regards, Philipp Gühring --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]