René G. Eberhard wrote:

> > Because a part or fraction of the screen could stay
> > constant (several hashes could stay constant),
> > several RNG inputs could stay constant.
> > IMHO it seems to be a poor RNG.
>
> I've never checked the current RAND_screen().
> I've worked with SSLeay till version 0.6.6 and there we've had
> our own PRNG. Now I'm back to the roots and I intend to use
> OpenSSL for several things.
>
> Hashing of the screen is really not enough. If you have a
> server which starts automatically (NT service) you'll always
> have the same seed. Adding things such as the PID, current time and
> so on is still not enough. The algorithm is public and thus the
> seed is easy to reproduce. You just have to play with the
> PID and time value over a certain period.

I agree.

> A better idea would be to provide an additional input to the
> RAND_seed() function which takes such mouse moved random
> stuff from an external application. (Don't know whether already
> provided in OpenSSL). If you have a server side implementation
> no one moves the mouse if the system restarts automatically.

I think the RAND_seed() function must be enhanced to be used only
when you generate a new request.
Thank you.
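
As an added illustration of the point René makes above (this is not code from the thread or from OpenSSL), the following toy C program models a service that seeds its PRNG from nothing but a public mixing function applied to its PID and start time, and an attacker who recovers that seed by enumerating PID values over a time window. The mixing function (a SplitMix64-style finalizer), the seed layout, the PID bound and the time window are all assumptions chosen for the example, not OpenSSL's actual RAND_screen() or RAND_seed() internals.

```c
/*
 * Added example, not part of the original mailing-list thread or of OpenSSL.
 * Models "the algorithm is public, so play with the PID and time value":
 * a naive server seeds from (pid, start_time); an attacker who sees one
 * output recomputes the public derivation over a guessed pid/time range.
 */
#include <stdint.h>
#include <stdio.h>

/* Hypothetical public mixing function (SplitMix64 finalizer). */
static uint64_t mix64(uint64_t x) {
    x += 0x9E3779B97F4A7C15ULL;
    x = (x ^ (x >> 30)) * 0xBF58476D1CE4E5B9ULL;
    x = (x ^ (x >> 27)) * 0x94D049BB133111EBULL;
    return x ^ (x >> 31);
}

/* Hypothetical naive seeding: PID in the high word, start time in the low word. */
uint64_t naive_seed(uint32_t pid, uint32_t start_time) {
    return mix64(((uint64_t)pid << 32) | start_time);
}

/* First "key" material the server derives from its seed; the attacker observes this. */
uint64_t first_output(uint64_t seed) {
    return mix64(seed ^ 0x5DEECE66DULL);
}

/*
 * Attacker: knows the derivation, guesses PIDs 1..pid_max and start times
 * t_lo..t_hi. Returns 1 and fills *pid_out/*t_out on success, 0 otherwise.
 * *tries counts candidates checked, to show the size of the search.
 */
int recover_seed(uint64_t observed, uint32_t pid_max,
                 uint32_t t_lo, uint32_t t_hi,
                 uint32_t *pid_out, uint32_t *t_out, uint64_t *tries) {
    *tries = 0;
    for (uint32_t t = t_lo; t <= t_hi; t++) {
        for (uint32_t pid = 1; pid <= pid_max; pid++) {
            (*tries)++;
            if (first_output(naive_seed(pid, t)) == observed) {
                *pid_out = pid;
                *t_out = t;
                return 1;
            }
        }
    }
    return 0;
}

/*
 * Convenience wrapper: derive the key a server with (real_pid, real_time)
 * would hand out, then attack it with a PID bound and a +/- window seconds
 * guess at the start time. Returns the recovered PID, or 0 if the search fails.
 */
uint32_t recovered_pid(uint32_t real_pid, uint32_t real_time,
                       uint32_t pid_max, uint32_t window) {
    uint64_t key = first_output(naive_seed(real_pid, real_time));
    uint32_t pid = 0, t = 0;
    uint64_t tries = 0;
    if (!recover_seed(key, pid_max, real_time - window, real_time + window,
                      &pid, &t, &tries))
        return 0;
    return pid;
}

int main(void) {
    /* Constructed scenario: a service restarted automatically at boot. */
    uint32_t real_pid = 1234, real_time = 939728400; /* roughly 12 Oct 1999 */
    uint64_t key = first_output(naive_seed(real_pid, real_time));
    uint32_t pid, t;
    uint64_t tries;
    /* Attacker knows the start time to within half an hour and PIDs are below 4096. */
    if (recover_seed(key, 4096, real_time - 1800, real_time + 1800, &pid, &t, &tries))
        printf("recovered pid=%u time=%u after %llu guesses\n",
               pid, t, (unsigned long long)tries);
    else
        printf("seed not found in the guessed range\n");
    return 0;
}
```

The search here is a few million candidates and runs in well under a second, which is the practical content of René's remark: once the seed is a deterministic function of a few low-entropy values, "play with the PID and time value" is a feasible attack, and the only remedy is to feed the PRNG input the attacker cannot enumerate.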

////

Bodo Moeller wrote:
>
> On Tue, Oct 12, 1999 at 11:43:01AM -0300, Miguel Angel Fraga wrote:
>
> >> In the case of Windows, one method for creating such input is to ask
> >> the user to move the mouse and use the coordinates of the
> >> WM_MOUSEMOVE messages you get and the respective system time.
>
> > It seems to be a good choice.
> > Has anyone added such a feature to RAND_seed()?
> > If not, I propose to fix it for the next OpenSSL release.
>
> The application has to take care of this, not the library.  A generic
> solution is not possible; e.g. for servers, you cannot expect the
> mouse to move at all.  The seeding that OpenSSL does automatically
> suffices on certain platforms, but one should not rely on such
> possibilities being available.  One part of a solution for application
> programs is to do what the "openssl" utility does: it expects to find
> random input in a file (usually $HOME/.rnd) and writes an updated
> random state back later.


Why not?  A hash of the screen is not enough.
I mean enhancing (at least) the RAND_seed() function
for when you generate a new request.

I think OpenSSL is great software, and it is a pity that
OpenSSL has a random-number generator that produces
weak keys.

Thank you,
Miguel Angel

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]