> What is a good amount of entropy to gather for seeding the PRNG?
> I guess the more the better, but is there a magic number that most
> people use that provides enough randomness for good security?
> Ed
There are several different opinions about this. My own is that you need
enough entropy that breaking the PRNG is not the easiest path to breaking
the subsequent operations that are going to use it. If the subsequent
operations are far stronger than they need to be, then breaking the PRNG
need only be more difficult than the application requires.
A good rule of thumb is that you should have more bits of entropy seeding
the PRNG than there are bits of entropy in the algorithm you are using. A
128-bit key for a symettric cypher should have at least 160 bits of entropy
before generating it. A 2,048 bit RSA key should have at least 512 bits of
entropy before generating it (assuming a 2,048 bit RSA key has about 400
bytes of entropy, which is my rough recollection which might not be
correct).
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
