entropy + openSSL question

From: Felix Cuello (felix@qodiga.com)
Date: 02/19/03

Next message: Brian Hatch: "Re: LKM Trojan installed"

Previous message: Chris Rouch: "Re: LKM Trojan installed"
In reply to: Stephen Samuel: "Re: openSSL Key generation"
Next in thread: Seth Arnold: "Re: entropy + openSSL question"
Reply: Seth Arnold: "Re: entropy + openSSL question"
Reply: Steffen Dettmer: "Re: entropy + openSSL question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 18 Feb 2003 22:32:15 -0300 (ART)
From: "Felix Cuello" <felix@qodiga.com>
To: <focus-linux@securityfocus.com>

Hello,

There´s a secure form to gain entropy in a system to generate a really
secure private key using openSSL??

Think about that... if you have enough entropy to do good keys, suppose
that not any longer than 1024 bits. What´s happened if you want to
generate a key with 2048 bits length when entropy is out?? Well, an
algorithm do the job to generate pseudorandom numbers. (In case that
/dev/random or /dev/urandom doesn´t stop, because I don´t remember now but
any of this devices stops when entropy is out)

Then... I start again with my first question. there´s a good way to
generate entropy??? [Suppose that the machine who generates the key will
not have much interrupts because anybody are in front of the keyboard to
generate it]

I was thinked a funny analogical forms to generate entropy... but there´s
something more "formal". [I can´t migrate entropy from one machine to
another because others machines could not have secure entropy].

Thanks a lot!

[Note: my english is not enoguh good... please, if you need a better
explanation please ask me :-) ]

- Felix

Next message: Brian Hatch: "Re: LKM Trojan installed"
Previous message: Chris Rouch: "Re: LKM Trojan installed"
In reply to: Stephen Samuel: "Re: openSSL Key generation"
Next in thread: Seth Arnold: "Re: entropy + openSSL question"
Reply: Seth Arnold: "Re: entropy + openSSL question"
Reply: Steffen Dettmer: "Re: entropy + openSSL question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Randomness using computers
... prove that the application is secure ... urandom is not supposed to block. ... within the estimated number of bits of noise in the entropy pool. ... uses a cryptographically secure generator as well as physical seeding, ...
(sci.crypt)
Re: "Random" number generation (reprise)
... The devices themselves are not physically secure -- an adversary ... source code for your bootstrap. ... then this can build upon previous "accumulated entropy". ...
(comp.arch.embedded)
Re: new /dev/random
... ]>output whose entropy is greater than 160-epsilon ... That's a definition of a condition that SHA1 might meet. ... ]is this property more plausible than the assumption that SHA1 is a secure ... ]This is a distribution on 256-bit strings. ...
(sci.crypt)
Re: Randomness using computers
... prove that the application is secure ... urandom is not supposed to block. ... It is documented that it is often necessary to supply some entropy to ... although I could not find as much documentation on it (it ...
(sci.crypt)
Re: Entropy Pool Contents
... hole, but /dev/random was designed to try to make this impossible, assuming the cryptographic algorithms are secure. ... Essentially /dev/random will refuse to output any more data well before enough could be revealed to predict the current pool state, such that it is fairly secure even in the event of total failure of the cryptographic primatives. ... Even beyond that, the random pool also hashes the current value of the cycle-counter or time of day into the pool with each call, adding a bit of extra entropy in any case. ...
(Linux-Kernel)