« Return to Thread: Using random number file
Re: Using random number file
by Michael S. Zick-4
::
Rate this Message:
On Fri July 3 2009, Akos Vandra wrote:
> As far as I understand, that file is used only to seed the internal PRNG,
> not to read numbers from there... Or am I wrong? (Also the docs say the file
> will be overwrited)
>
Yes to both.
This is intended to reduce the chance that the same random bit sequence
will be used more than once.
Reading "random" numbers from a file is one way to defeat this protection.
I.E: You don't know how many other people have read the same file.
There are types of cryptography based on the concept of a "one time pad" -
but that does not seem to be what you are asking about in this post.
Mike
> Regards,
> Vandra Ákos
>
> 2009/7/3 Bernhard Froehlich <ted@...>
>
> > Akos Vandra schrieb:
> >
> > Hello!
> >>
> >> I have a source of (more or less) true random numbers, which I get as
> >> binary files (1MB each).
> >> I want openssl to use these files as a random number source to generate
> >> keys and signing operations. How can this be done?
> >>
> >> Regards,
> >> Vandra Ákos
> >>
> > Try using the RANDFILE= parameter in the configuration file
> > http://www.openssl.org/docs/apps/config.html, though I don't know if this
> > parameter is used by all commands.
> >
> > Hope it helps.
> > Ted
> > ;)
> >
> > --
> > PGP Public Key Information
> > Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
> > Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
> >
> >
> >
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@...
Automated List Manager majordomo@...
> As far as I understand, that file is used only to seed the internal PRNG,
> not to read numbers from there... Or am I wrong? (Also the docs say the file
> will be overwrited)
>
Yes to both.
This is intended to reduce the chance that the same random bit sequence
will be used more than once.
Reading "random" numbers from a file is one way to defeat this protection.
I.E: You don't know how many other people have read the same file.
There are types of cryptography based on the concept of a "one time pad" -
but that does not seem to be what you are asking about in this post.
Mike
> Regards,
> Vandra Ákos
>
> 2009/7/3 Bernhard Froehlich <ted@...>
>
> > Akos Vandra schrieb:
> >
> > Hello!
> >>
> >> I have a source of (more or less) true random numbers, which I get as
> >> binary files (1MB each).
> >> I want openssl to use these files as a random number source to generate
> >> keys and signing operations. How can this be done?
> >>
> >> Regards,
> >> Vandra Ákos
> >>
> > Try using the RANDFILE= parameter in the configuration file
> > http://www.openssl.org/docs/apps/config.html, though I don't know if this
> > parameter is used by all commands.
> >
> > Hope it helps.
> > Ted
> > ;)
> >
> > --
> > PGP Public Key Information
> > Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
> > Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
> >
> >
> >
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@...
Automated List Manager majordomo@...
« Return to Thread: Using random number file
| Free embeddable forum powered by Nabble | Forum Help |
