Re: PEM_write_bio_RSAPrivateKey assure Randomness of PK

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 23.05.2018 20:39, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf
Of redpath
Sent: Wednesday, May 23, 2018 13:08
To: openssl-users@xxxxxxxxxxx
Subject: Re:  PEM_write_bio_RSAPrivateKey assure
Randomness of PK

SO if I add this RAND usage below, em I seeding to assure a different RSA key
pair each time run of creating a RSA pair.

You'll get a *different* key pair (with high probability) each time, provided you wait at least a second between generating keys. That is, if you get anything at all; you may not, if there isn't enough entropy in the pool.

You'll also get completely pointless keys, because the wall-clock time contains little entropy.

As Viktor wrote: DO NOT DO THIS. If you don't understand why, stop trying to use cryptography until you've learned enough about the subject to be a bit less dangerous.


... if this is code going in the general direction of "production deployment", then get a crypto-person on board, or at least get them to review and sign off the code. Otherwise this *will* end in a debacle.

-Marian
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux