PRNG design document?

Ben Laurie ben at
Fri Aug 29 06:13:42 EDT 2003

Thor Lancelot Simon wrote:

> On Fri, Aug 22, 2003 at 10:00:14AM -0700, Bob Baldwin PlusFive wrote:
>>     One issue to consider is whether the system
>>that includes the PRNG will ever need a FIPS-140-2
>>rating.  For example, people are now working on
>>a FIPS-140 validation for OpenSSL.  If so, then
>>the generator for keys and IVs MUST be a FIPS
>>approved algorithm, whether or not there are
> That's not quite right.
> 1) Various entities have already had various versions of 
>    OpenSSL FIPS-140-2 certified.

The validation is for the source of OpenSSL, and will be rolled into the
release, this is what is new.




"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list