entropy + openSSL question

From: Felix Cuello (felix@qodiga.com)
Date: 02/19/03

  • Next message: Brian Hatch: "Re: LKM Trojan installed"
    Date: Tue, 18 Feb 2003 22:32:15 -0300 (ART)
    From: "Felix Cuello" <felix@qodiga.com>
    To: <focus-linux@securityfocus.com>


    Thereīs a secure form to gain entropy in a system to generate a really
    secure private key using openSSL??

    Think about that... if you have enough entropy to do good keys, suppose
    that not any longer than 1024 bits. Whatīs happened if you want to
    generate a key with 2048 bits length when entropy is out?? Well, an
    algorithm do the job to generate pseudorandom numbers. (In case that
    /dev/random or /dev/urandom doesnīt stop, because I donīt remember now but
    any of this devices stops when entropy is out)

    Then... I start again with my first question. thereīs a good way to
    generate entropy??? [Suppose that the machine who generates the key will
    not have much interrupts because anybody are in front of the keyboard to
    generate it]

    I was thinked a funny analogical forms to generate entropy... but thereīs
    something more "formal". [I canīt migrate entropy from one machine to
    another because others machines could not have secure entropy].

    Thanks a lot!

    [Note: my english is not enoguh good... please, if you need a better
    explanation please ask me :-) ]

                                                    - Felix