Geoff Thorpe wrote:
>
> Hi there,
>
> On Fri, 26 Nov 1999, Mark Shuttleworth wrote:
>
> > Hi all
> >
> > We have a customer project that requires the rapid generation of RSA
> > keys and figure OpenSSL would be good.
> >
> > Is there any documentation on how to maximize the security of the key
> > generation in OpenSSL? Is there any way to increase the amount of
> > entropy fed to genrsa? Are there any known problems with OpenSSL's RSA
> > key generation algorithms? We'd normally use dedicated units but in this
> > case a software solution would work better.
>
> If you have ready access to dedicated hardware you could use it to seed
> the PRNG in OpenSSL? Presumably that would address your entropy worries
> but leave the actual RSA keygens in software. As for know problems with
> OpenSSL's RSA keygen - not that I'm aware of but I think it'd be fair to
> say that the PRNG (and its seeding) probably has a better chance of being
> weak than the RSA keygen would be if you've seeded the PRNG with enough
> good entropy. (well ... at least when comparing it to other tools IMHO).
>
> I can't recall whether the prime number generation uses sequential
> candidates or an arithmetic sequence (or even something else) but I don't
> think that would qualify as a "known problem" either way ...
Sequential candidates or an arithmetic sequence would both effectively
reduce the randomness of the primes, because they'd both favour primes
that come after long gaps.
What OpenSSL does is choose a fresh random number each time. Umm. I
think (I checked the code a while ago, but not recently).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
