Where do the random numbers come from?
From: Bjoern (bjoern_p1_at_gmx.net)
Date: Thu, 10 Feb 2005 00:34:40 +0100
Not sure if this is the best community to ask, but it is the closest I
have found. I am programming an encrypted connection between a client
and a server, and I have tried to mimic the way ssh does it (TLS) -
except that I don't use a handshake, as the protocol is already set from
the beginning. Briefly, I randomly generate a key for AES, which I then
encrypt with RSA and the server's public key. The rest of the data is
being encrypted with the RSA key.
However, I feel there is a last bit of uncertainty - where do the random
numbers for generating the AES key come from? The library I use
(BouncyCastle) just initializes the random numbers generator with the
system time. But it will only take at most a few minutes from starting
the application until the user sends the data, so I think there are
only minutes*60*1000 combinations for an intercepting attacker to try,
which is presumably a piece of cake for modern computers :-(
So I wonder, how do common ssh implementations solve this? I have never
noticed any of these applications (including https) ask the user to do
some random typing to generate noise?
I guess it would be better to let the server provide the random key, as
not so much would be known about the server's internal state. But I think
ssh also lets the client provide the key for the symmetric encryption?
In my application it would be difficult to let the server provide the
random key, as it would require more code on the client side, which is
limited in memory (mobile device).
Any advice would be much appreciated!
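The concern in the post, put into code as an added illustration (not the poster's code and not BouncyCastle's): a key derived from a clock-seeded generator is a pure function of the timestamp, so its real entropy is the size of the time window, not the key length. Python's random.Random is used here as a stand-in for any deterministic generator seeded with the system time, and secrets.token_bytes shows the OS-entropy alternative; the timestamp is a constructed value.

```python
import math
import random
import secrets

AES_KEY_BYTES = 16  # AES-128 key, as in the post


def time_seeded_key(seed_ms: int, nbytes: int = AES_KEY_BYTES) -> bytes:
    """Stand-in for a generator seeded only with the millisecond clock.

    random.Random (Mersenne Twister) is an illustrative substitute for the
    library's generator; the property that matters is that the output is a
    pure function of the seed, so the key is reproducible from the timestamp.
    """
    rng = random.Random(seed_ms)
    return rng.getrandbits(nbytes * 8).to_bytes(nbytes, "big")


def seed_space_bits(window_minutes: float, granularity_ms: int = 1) -> float:
    """Entropy actually present in a clock seed: log2 of the number of
    distinct timestamps within the window in which the key was generated."""
    candidates = window_minutes * 60 * 1000 / granularity_ms
    return math.log2(candidates)


def seed_is_adequate(window_minutes: float,
                     key_bits: int = AES_KEY_BYTES * 8) -> bool:
    """A key is never stronger than its seed; flag seeds below the key size."""
    return seed_space_bits(window_minutes) >= key_bits


def csprng_key(nbytes: int = AES_KEY_BYTES) -> bytes:
    """The remedy: draw the key from the OS entropy pool (secrets uses
    os.urandom), which does not depend on when the application started."""
    return secrets.token_bytes(nbytes)


if __name__ == "__main__":
    # Constructed timestamp: roughly 10 Feb 2005 in milliseconds since the epoch.
    t = 1108000000000
    print("same clock value, same key:", time_seeded_key(t) == time_seeded_key(t))
    print(f"5-minute window -> {seed_space_bits(5):.1f} bits of seed entropy")
    print("adequate for AES-128?", seed_is_adequate(5))
    print("OS-seeded keys differ?", csprng_key() != csprng_key())
```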