OpenSSL contains a PRNG that just needs a few random numbers to get it
started. If you're not familiar with what a cryptographically-secure random
number generator is, why they're necesary, or how to seed them, I suggest
you get someone who is familiar with cryptography to do your cryptography
implementation. Even with OpenSSL, there are ways to screw it up and wind up
with far less security than you think you have.
Security should not be implemented by complete novices if the security has
to be counted on.
DS
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Timothy Sim
Sent: Sunday, November 19, 2000 2:19 PM
To: [EMAIL PROTECTED]
Subject: Random number generation
Hi,
I am a complete novice when it comes to SSL and I have had to incorporate
OpenSSL into my project through use of a CORBA ORB I am using.
I have been advised that I need a random number generator to use OpenSSL. Is
this true, and if so why? I am just trying to understand OpenSSL and how it
works. Also, how do I go about implementing one if I need one?
Thanks in advance.
Timothy Sim.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
