[Cryptography] OpenSSL CSPRNG work

Watson Ladd watsonbladd at gmail.com
Thu Jun 29 01:39:15 EDT 2017


On Mon, Jun 26, 2017 at 6:19 AM, Salz, Rich via cryptography
<cryptography at metzdowd.com> wrote:
> We’re starting to work on a new CSPRNG for OpenSSL release 1.1.1 (the main
> point of that release is TLS 1.3, so we think it will have a lot of uptake).

I would strongly suggest only using /dev/random or /dev/urandom to
seed the top level generator. On Windows there is a separate API for
the same thing. Other sources are not guaranteed to be random, and
ultimately the OS knows far more than you do.

>
> The conversation thread, on the dev mailing list, starts here:
> https://mta.openssl.org/pipermail/openssl-dev/2017-June/009403.html It also
> has pointers to other discussions in a first GitHub pull request.
>
> Thanks.
>
> --
> Senior Architect, Akamai Technologies
> Member, OpenSSL Dev Team
> IM: richsalz at jabber.at Twitter: RichSalz



-- 
"Man is born free, but everywhere he is in chains".
--Rousseau.

