Steffen DETTMER wrote:
> * Lutz Jaenicke wrote on Fri, Sep 19, 2008 at 14:22 +0200:
>
>>> we purchased a hrng for the generation of RSA keys for instance.
>>> It is a USB device and shows up as /dev/qrandom.
>>>
>>>
>> Note: if /dev/urandom is available, OpenSSL will read an additional amount
>> of random bytes from it whether an explicit seed source is available or
>> not. This however does not reduce the quality of the entropy provided
>> by your source.
>>
>>
>>> I am not sure about the role of /dev/urandom: does it deliver a
>>> (pseudo) random number or the salt for the PRNG?
>>>
>> It is used to seed OpenSSL's internal PRNG.
>>
>
> This means the internal PRNG is seeded with /dev/urandom data,
> but it is not used at all
> and /dev/urandom is not used elsewhere (if external entropy source is used)
> -- is this correct?
>

All "random" values used by OpenSSL, like keys generated with genrsa, are
generated using OpenSSL's internal PRNG. This internal PRNG is seeded from
different sources. These external sources can be provided explicitly (as
with the "-rand" option of genrsa) or via RAND_add() within an application.
As on several occasions people were given bad advice to abuse "-rand" or
RAND_add() with bad entropy sources, we have decided to always add
additional bytes from /dev/urandom if available on the system.
OpenSSL's internal PRNG uses a 1024-byte pool mixing entropy with SHA-1, so
the more bytes are mixed in, the better. At least it cannot hurt to add any
input to it, as the entropy in the pool can never decrease by mixing in more
bytes.

Best regards,
    Lutz
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
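
The pool-mixing argument in the reply above, as an added example that is not part of the original message and is not OpenSSL's code: a simplified hash-chained pool (state = SHA-1(state || input)) used to count how many outputs an attacker must consider for different seed sources. `ToyPool`, `reachable_outputs` and the three seed spaces are hypothetical names with constructed values; the count of candidate outputs stands in for entropy under the assumption that each seed value is equally likely.

```python
import hashlib
import itertools


class ToyPool:
    """Simplified model of a hash-mixed entropy pool (assumption, not md_rand)."""

    def __init__(self):
        self.state = b"\x00" * 20

    def add(self, data: bytes) -> None:
        # Mixing chains the old state with the new input through SHA-1.
        self.state = hashlib.sha1(self.state + data).digest()

    def output(self, n: int) -> bytes:
        out, counter = b"", 0
        while len(out) < n:
            out += hashlib.sha1(self.state + counter.to_bytes(4, "big")).digest()
            counter += 1
        return out[:n]


def reachable_outputs(*sources):
    """Outputs an attacker must consider when each source may have emitted
    any value from its list, mixed into the pool in the given order."""
    outs = set()
    for combo in itertools.product(*sources):
        pool = ToyPool()
        for chunk in combo:
            pool.add(chunk)
        outs.add(pool.output(16))
    return outs


# Constructed seed spaces (sizes kept small so they can be enumerated).
GOOD = [i.to_bytes(2, "big") for i in range(2 ** 12)]  # e.g. a hardware RNG
BAD = [b"pid-%d" % i for i in range(4)]                # poorly chosen "-rand" input
KNOWN = [b"attacker-known constant"]                   # zero-entropy input


def demo():
    return {
        "good only": len(reachable_outputs(GOOD)),
        "good + known bytes": len(reachable_outputs(GOOD, KNOWN)),
        "bad only": len(reachable_outputs(BAD)),
        "bad + good": len(reachable_outputs(BAD, GOOD)),
    }


if __name__ == "__main__":
    for label, count in demo().items():
        print(f"{label:20s} {count:6d} candidate outputs")
```

Mixing attacker-known bytes into a well-seeded pool leaves the guess space unchanged, while a pool seeded only from the weak source gains the full space of the good source once it is mixed in, which is the reason for always adding /dev/urandom bytes.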