Anton Stiglic wrote:
There is some detail in the FIPS 140 security policy of Microsoft's
cryptographic provider, for Windows XP and Windows 2000. See for example
http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf
where they say the RNG is based on FIPS 186 RNG using SHS. The seed is
based on
Been there, done that...
http://csrc.nist.gov/cryptval/140-1/1401val2001.htm#138
Win95 & Win98 are pretty programs running on DOS.
I've generally taken FIPS 140-1 level 1 to be about whether you got the
software right, not whether it protects secrets. Level 2 only relies on
TCSEC or Common Crit
"Anton Stiglic" <[EMAIL PROTECTED]> writes:
>There is some detail in the FIPS 140 security policy of Microsoft's
>cryptographic provider, for Windows XP and Windows 2000.
As I've said in a previous post, the best documentation for the RNG is in
"Writing Secure Code (2nd ed)". The main purpose of
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed Gerck
Sent: 10 août 2004 13:42
To: [EMAIL PROTECTED]
Subject: Re: Microsoft .NET PRNG (fwd)
>The PRNG should be the least concern when using MSFT's cryptographic
>provider. The MSFT report 1
The PRNG should be the least concern when using MSFT's cryptographic
provider. The MSFT report 140sp238.pdf says:
RSAENH stores keys in the file system, but relies upon Microsoft
Windows XP for the encryption of the keys prior to storage.
Not only RSAENH writes keys to a lower-secur
There is some detail in the FIPS 140 security policy of Microsoft's
cryptographic provider, for Windows XP and Windows 2000. See for example
http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf
where they say the RNG is based on FIPS 186 RNG using SHS. The seed is
based on the collection of al
>Forwarded here as the original forum is having no success.
>
>[...]
>
>I'm looking for the same information. I want to know which method does MS
>Crypto API use in order to obtain "strong" random seeds.
This is cross-posted back to the original list (with snippets from various
postings) to try a
Forwarded here as the original forum is having no success. IIRC, Matt
Blaze examined the early CrptoAPI and associated PRNG, but I can't seem to
find the post/article that I am thinking of.
--
Yours,
J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF
"...justice is a duty towards those whom you lo