> On 2008.09.22 at 16:37:58 +0200, F. wrote:
>
> > Any way to collect only from HRNG?
>
> You can write your own RAND_METHOD
> and encapsulate it in the engine module.
>
> Then you can load this engine via openssl.cnf
> and set default rand method to this engine.
>
> Really, this is not a very good idea, because hardware random number
> generators are slow.

Much better to mix in randomness from your hardware source into the OpenSSL
PRNG. This is better for several reasons:

1) You can rate-limit how much you mix in. Say you mix in 1KB at startup and
128 bytes every 10 seconds after that. This will provide the same quality of
randomness for cryptographic purposes, but will limit the effort. This will
protect you against possible denial-of-service attacks where an attacker
tries to make you use up more randomness than you have. Many HRNGs are
vulnerable to this.

2) The OpenSSL PRNG is well-investigated. If your HRNG's output is not
comparable in quality, your security could be compromised. For example,
subtle bias in the output could have serious cryptographic consequences.

3) The OpenSSL PRNG is, by design, protected against non-random or defective
inputs. So long as it has sufficient good input, no amount of bad input can
hurt it.

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
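
Added example, not part of the original message or of OpenSSL's code: a rate-limited feeder that draws 1KB from the hardware source at startup and 128 bytes every 10 seconds, whatever the request volume, and hands the bytes to a PRNG sink. The names `hrng_feeder`, `hrng_tick`, `read_fn`, `mix_fn`, `simulate` and the `USE_OPENSSL` switch are hypothetical; `RAND_add` is OpenSSL's real call, and the reader and sink used in `simulate` are constructed stand-ins.

```c
#include <stddef.h>
#include <string.h>
#include <time.h>

#define STARTUP_BYTES 1024  /* figures taken from the message above */
#define PERIOD_BYTES  128
#define PERIOD_SECS   10

typedef size_t (*read_fn)(unsigned char *buf, size_t len);      /* HRNG read (hypothetical) */
typedef void   (*mix_fn)(const unsigned char *buf, size_t len); /* PRNG stir (hypothetical) */

typedef struct {
    read_fn read;
    mix_fn  mix;
    time_t  next_due;  /* earliest time of the next periodic draw */
    int     seeded;    /* has the startup draw succeeded? */
} hrng_feeder;

/* Call on every request; returns bytes actually drawn from the HRNG (usually 0). */
size_t hrng_tick(hrng_feeder *f, time_t now) {
    unsigned char buf[STARTUP_BYTES];
    size_t want;
    if (!f->seeded)              want = STARTUP_BYTES;
    else if (now >= f->next_due) want = PERIOD_BYTES;
    else return 0;               /* rate limit: request volume never reaches the HRNG */
    if (f->read(buf, want) != want)
        return 0;                /* short read: mix nothing, retry on the next call */
    f->mix(buf, want);
    f->seeded = 1;
    f->next_due = now + PERIOD_SECS;
    return want;
}

/* Constructed stand-ins so the example runs offline. */
static size_t mixed_total;
static size_t fake_read(unsigned char *buf, size_t len) { memset(buf, 0xA5, len); return len; }
static void   count_mix(const unsigned char *buf, size_t len) { (void)buf; mixed_total += len; }

/* 100 requests per second for `secs` seconds; returns total HRNG bytes consumed. */
size_t simulate(int secs) {
    hrng_feeder f = { fake_read, count_mix, 0, 0 };
    size_t drawn = 0;
    for (int t = 0; t < secs; t++)
        for (int req = 0; req < 100; req++)
            drawn += hrng_tick(&f, (time_t)t);
    return drawn;
}

#ifdef USE_OPENSSL
#include <openssl/rand.h>
/* Real sink: RAND_add(buf, num, entropy estimate in bytes). Full credit assumes a sound device. */
static void openssl_mix(const unsigned char *buf, size_t len) { RAND_add(buf, (int)len, (double)len); }
#endif
```

With 3,500 simulated requests over 35 seconds the hardware source gives up 1,408 bytes in total, so its load is fixed by the schedule rather than by the caller.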
