[Cryptography] Is Ron right on randomness

Ron Garret ron at flownet.com
Sat Nov 26 19:30:23 EST 2016


On Nov 26, 2016, at 6:38 AM, Salz, Rich <rsalz at akamai.com> wrote:

>> Absolutely right.  Only TRNGs that make raw data available should be trusted.  Further, the source should have a simple physical model which is proven out by measurements, preferably continuously.
> 
> Meanwhile, back in the real world...  What should OpenSSL do, given the wide number of platforms and huge uninformed community that depends on it?

Build a very clean interface to an entropy source to make it easy for a user to plug in different ones.  Include two by default:

1.  /dev/urandom, which should be the default.  A user should have to take positive action to use anything other than /dev/urandom.  But that said, I would recommend including as an option:

2.  User input, like typing keys or moving a mouse around.  (Need to use a high safety margin here.  User input contains less entropy than most people think.)

3.  If OpenSSL wanted to include support for an external hardware source of randomness (like, say, the SC4-HSM) I wouldn’t mind ;-)

rg
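
The pluggable interface described in the message above, sketched in C as an added example; it is not OpenSSL code and not from the message's author. All function names are hypothetical, and `absent_device_source` is a constructed stand-in for an external source that fails.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical plug-in signature: fill buf with len bytes; 0 = ok, -1 = failure. */
typedef int (*entropy_fn)(unsigned char *buf, size_t len);

/* Default source: /dev/urandom, retrying on EINTR and short reads. */
int urandom_source(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY);
    size_t got = 0;
    if (fd < 0)
        return -1;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;
        else if (n == 0 || errno != EINTR)
            break;                /* EOF or hard error: fail closed */
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Constructed stand-in for an external device that is not plugged in. */
int absent_device_source(unsigned char *buf, size_t len) { (void)buf; (void)len; return -1; }

static entropy_fn active_source = urandom_source;

/* Swapping out the default requires an explicit opt-in argument. */
int entropy_set_source(entropy_fn fn, int explicit_opt_in)
{
    if (fn == NULL || !explicit_opt_in)
        return -1;
    active_source = fn;
    return 0;
}

int entropy_using_default(void) { return active_source == urandom_source; }

/* A source failure is returned to the caller, never silently replaced. */
int entropy_get(unsigned char *buf, size_t len) { return active_source(buf, len); }

int main(void)
{
    unsigned char key[32];
    return entropy_get(key, sizeof key) == 0 ? 0 : 1;
}
```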


