On Fri, Aug 03, 2001 at 05:34:09PM +1000, Alex Cosic wrote:
>> I have a problem understanding the command RAND_load_file(RANDOM,
>> 64*1024);
>> where RANDOM is "randomfile.pem". I do not know how to design that
>> particular file. Second, is it necessary that this file is changed
>> each time I run my SSL program? I am using the win32 platform.

>The file is read to seed the random number generator. It should contain
>data that cannot be known/predicted by an attacker. It does not have a
>special format, just "unknown/random" bytes. Do you have a microphone
>on your computer? Record some noise, it should contain quite some entropy.

>As the random numbers are generated from this file and they should be
>different all the time, the contents of the file should be exchanged/updated
>between calls...


Where could I find some basics about the creation of random numbers for
openssl? I have read 1 page from the SSLeay documentation, which is very
vague. In particular, what size of file do I have to design? For example, in
"SSL and TLS - Designing and Building Secure Systems" by Eric Rescorla I have
found:

 RAND_load_file(RANDOMFILE,1024*1024);

How would I know what size of file I need?

In the article on the RSA Pseudo Random Number Generator by RSA, an example
was given: to seed a 64-bit DES key, it is recommended to collect a seed pool
of 56 random bytes (a 64-bit DES key comprises 56 effective bits, the rest
being parity bits) and then select 56 random bits from this seed pool.

Or in the openssl manual we have:

"The state should be very large. If the RNG is being used to generate 4096
bit RSA keys, 2 2048 bit random strings are required (at a minimum). If your
RNG state only has 128 bits, you are obviously limiting the search space to
128 bits, not 2048. I'm probably getting a little carried away on this last
point but it does indicate that it may not be a bad idea to keep quite a lot
of RNG state. It should be easier to break a cipher than guess the RNG seed
data."

OK, so how would I know what size of file I have to create?


You also suggested that the content of the file should be exchanged/updated
between calls. So is some sort of daemon program necessary for good
operation in that case? Do I need another random file on the client side?
If I need that, then is it possible that a hacker could use the file to
hack the system?


Thanks in advance

Alex Cosic 

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
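
The seed-file cycle described in the quoted reply (read the file to seed the generator, then update it between calls), as an added example that is not part of the original mail. It drives the OpenSSL RNG through Python's ssl bindings and emulates RAND_load_file in Python; the 1024-byte size and the helper names are assumptions of this sketch.

```python
import os
import ssl
import tempfile

SEED_BYTES = 1024  # assumption: size picked for this sketch, not taken from the thread


def load_seed_file(path, max_bytes):
    """Mix up to max_bytes of the file into OpenSSL's RNG; return bytes read."""
    try:
        with open(path, "rb") as fh:
            data = fh.read(max_bytes)
    except FileNotFoundError:
        return 0  # first run: no seed file yet
    if data:
        # Credit zero entropy: a stale or copied file must not be relied on.
        # Current OpenSSL releases also seed themselves from the OS.
        ssl.RAND_add(data, 0.0)
    return len(data)


def write_seed_file(path, num_bytes):
    """Replace the seed file with fresh RNG output, readable by the owner only."""
    fresh = ssl.RAND_bytes(num_bytes)
    tmp = path + ".tmp"
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(fresh)
    os.replace(tmp, path)  # atomic swap, never a half-written seed file
    return len(fresh)


def run_once(path):
    """One program run: load the old seed, check the RNG, store a new seed."""
    loaded = load_seed_file(path, SEED_BYTES)
    if not ssl.RAND_status():
        raise RuntimeError("OpenSSL RNG is not seeded")
    write_seed_file(path, SEED_BYTES)
    return loaded


def demo():
    """Two consecutive runs against a constructed temporary seed file."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "randomfile.pem")
        first = run_once(path)
        with open(path, "rb") as fh:
            a = fh.read()
        second = run_once(path)
        with open(path, "rb") as fh:
            b = fh.read()
        return first, second, a != b, len(b)
```

Because the file is rewritten on every run, no separate daemon is needed to keep it changing, and the owner-only permissions limit who can read it.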
