RNG quality verification
Alexander Klimov
alserkli at inbox.ru
Thu Dec 22 12:01:40 EST 2005
On Thu, 22 Dec 2005, Philipp [iso-8859-1] G?hring wrote:
>
> I have been asked by to verify the quality of the random numbers which are
> used for certificate requests that are being sent to us, to make sure that
> they are good enough, and we don?t issue certificates for weak keys.
Consider an implementation which uses x = time and when
SHA1(hardcoded-string||x), SHA1(hardcoded-string||x+1), etc. as a
starting point to search for primes. Unless you know what is the
hardcoded-string you cannot tell that the random starting point was
not that random: it is very important to realize that randomness is
the property of the source and not of a string.
BTW, note that what you can see in the certificate request for an
RSA key is n and not p and q themselves.
--
Regards,
ASK
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list