entropy + openSSL question

From: Felix Cuello (felix@qodiga.com)
Date: 02/19/03

  • Next message: Brian Hatch: "Re: LKM Trojan installed"
    Date: Tue, 18 Feb 2003 22:32:15 -0300 (ART)
    From: "Felix Cuello" <felix@qodiga.com>
    To: <focus-linux@securityfocus.com>


    Thereīs a secure form to gain entropy in a system to generate a really
    secure private key using openSSL??

    Think about that... if you have enough entropy to do good keys, suppose
    that not any longer than 1024 bits. Whatīs happened if you want to
    generate a key with 2048 bits length when entropy is out?? Well, an
    algorithm do the job to generate pseudorandom numbers. (In case that
    /dev/random or /dev/urandom doesnīt stop, because I donīt remember now but
    any of this devices stops when entropy is out)

    Then... I start again with my first question. thereīs a good way to
    generate entropy??? [Suppose that the machine who generates the key will
    not have much interrupts because anybody are in front of the keyboard to
    generate it]

    I was thinked a funny analogical forms to generate entropy... but thereīs
    something more "formal". [I canīt migrate entropy from one machine to
    another because others machines could not have secure entropy].

    Thanks a lot!

    [Note: my english is not enoguh good... please, if you need a better
    explanation please ask me :-) ]

                                                    - Felix

    Relevant Pages

    • Re: Randomness using computers
      ... prove that the application is secure ... urandom is not supposed to block. ... within the estimated number of bits of noise in the entropy pool. ... uses a cryptographically secure generator as well as physical seeding, ...
    • Re: "Random" number generation (reprise)
      ... The devices themselves are not physically secure -- an adversary ... source code for your bootstrap. ... then this can build upon previous "accumulated entropy". ...
    • Re: new /dev/random
      ... ]>output whose entropy is greater than 160-epsilon ... That's a definition of a condition that SHA1 might meet. ... ]is this property more plausible than the assumption that SHA1 is a secure ... ]This is a distribution on 256-bit strings. ...
    • Re: Entropy Pool Contents
      ... hole, but /dev/random was designed to try to make this impossible, assuming the cryptographic algorithms are secure. ... Essentially /dev/random will refuse to output any more data well before enough could be revealed to predict the current pool state, such that it is fairly secure even in the event of total failure of the cryptographic primatives. ... Even beyond that, the random pool also hashes the current value of the cycle-counter or time of day into the pool with each call, adding a bit of extra entropy in any case. ...
    • Re: Extending the length of a key
      ... this algorithm always gives an output key whose size is equal to that ... entropy to the key, just looking to stretch out the existing entropy ... TLS mechanism, it sounds like this is just what I'm looking for. ... would be as secure as keys chosen more uniformly from the keyspace. ...