> From: owner-openssl-...@openssl.org [mailto:owner-openssl-
> d...@openssl.org] On Behalf Of Stanislav Meduna
>
> I interpret http://www.openssl.org/support/faq.cgi#USER1
> such that the /dev/urandom is always used if present and
> the RNG used is additionally seeded by RANDFILE. So your
> keys are different, but if the available entropy in
> /dev/urandom was insufficient, they will be not as random
> as you'd wish.

I would be ok with urandom, as long as I know I've got a really random seed.

> This internal PRNG is seeded from different sources. These
> external sources can be provided explicitly (as with the
> "-rand" option of genrsa) or via RAND_add() within
> an application. As on several occasions people were given
> bad advice to abuse "-rand" or RAND_add() with bad entropy
> sources we have decided to always add additional bytes
> from /dev/urandom if available on the system.

YES! I think that counts as an answer. Thank you. :-)

So here is what I'm taking to be the final answer:

* First, md5sum your ~/.rnd file (or read your config file to see what's specified by RANDFILE).
* Then generate a key, and md5sum your ~/.rnd again. Ensure it's changed.
  This ensures you know where your entropy seed is stored, and you haven't accidentally set the wrong RANDFILE or read the wrong config file or anything like that.
* cat /dev/random > ~/.rnd (and wait for it to reach 1k or longer)
  This takes 8-10 minutes on a system with low entropy.

From now on, you may safely assume you have sufficient entropy. Although the "random" numbers are coming from /dev/urandom, you have a really random seed, which makes it sufficiently random.

> Use a hardware based on true random physical process.
> This one is quite low-cost: http://www.entropykey.co.uk/
> (no experience, I just googled for what is available).

Most systems nowadays have a TPM built-in, which can be used as a hardware entropy source. Unfortunately, not available in most VM's.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
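
The three steps listed in the message above, written as shell functions. This is an added example, not part of the original post and not OpenSSL's own tooling. The function names are hypothetical, the key-generation command is supplied by the caller, and the 1024-byte default follows the "1k" in the post.

```shell
#!/bin/sh
# Added example: helper names below are hypothetical, not OpenSSL commands.

# Seed file location: $RANDFILE if set, otherwise ~/.rnd as in the post.
randfile_path() {
    printf '%s\n' "${RANDFILE:-$HOME/.rnd}"
}

# Digest of a file, or the literal "missing" if it does not exist.
# md5sum is what the post uses; here it only detects change.
file_digest() {
    if [ -f "$1" ]; then
        md5sum < "$1" | cut -d' ' -f1
    else
        echo missing
    fi
}

# Steps 1 and 2: hash the seed file, run the given command, hash again.
# Returns 0 if the file changed, 1 if unchanged, 2 if the command failed.
randfile_changed_by() {
    rf=$(randfile_path)
    before=$(file_digest "$rf")
    "$@" >/dev/null 2>&1 || return 2
    after=$(file_digest "$rf")
    [ "$before" != "$after" ]
}

# Step 3: fill the seed file with N bytes from a source
# (defaults: /dev/random, 1024 bytes). The bytes go to a temp file
# created under umask 077 and are moved into place only if the full
# count was read, so a short read never replaces the existing seed.
seed_randfile() {
    src=${1:-/dev/random}
    n=${2:-1024}
    rf=$(randfile_path)
    tmp="$rf.tmp.$$"
    ( umask 077 && head -c "$n" "$src" > "$tmp" ) || { rm -f "$tmp"; return 1; }
    [ $(wc -c < "$tmp") -eq "$n" ] || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$rf"
}

# Usage (commented out so sourcing this file has no side effects):
#   randfile_changed_by openssl genrsa -out /tmp/test.key 2048 \
#       && echo "seed file updated: $(randfile_path)"
#   seed_randfile /dev/random 1024
```

A return of 1 from `randfile_changed_by` means the command did not touch the file the check is looking at, which is the "wrong RANDFILE or wrong config file" case the post describes.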