Hi,
Does OpenSSL use this by default, if not where does a user choose which method to use for CSPRNG?

Thanks,
Tony
On Mon, Sep 23, 2013, yustein wrote:
> Hi,
>
> Does OpenSSL use this by default, if not where does a user choose which method
> to use for CSPRNG?

The default DRBG for OpenSSL is 256 bit AES CTR_DRBG.

The default can be changed by using the compile time flags:

-DOPENSSL_DRBG_DEFAULT_TYPE=type
-DOPENSSL_DRBG_DEFAULT_FLAG=flags

The default DRBG type can also be set at runtime before any other operations
are performed by calling:

void RAND_set_fips_drbg_type(int type, int flags);

Where "type" and "flags" have the same values as those indicated in the user
guide (section 6.1.2).

Future versions of OpenSSL will fail if an attempt is made to use the Dual EC
DRBG.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]

Thanks a lot! :)
Tony

On 09/24/2013 07:27 AM, Dr. Stephen Henson wrote:
> ...
>
> Future versions of OpenSSL will fail if an attempt is made to use the Dual EC
> DRBG.

Note we're also looking into removing Dual EC DRBG from the OpenSSL FIPS Object Module, a more difficult proposition as there are strict restrictions on changes to FIPS 140-2 validated modules even to address security issues.

For the typical user of the FIPS module accessing it via the "FIPS capable" OpenSSL the presence or absence of Dual EC DRBG in the FIPS module itself will be moot once it disappears from OpenSSL proper. But, in a few cases the FIPS module is used directly.

Incidentally, I was the one who advocated the implementation of that DRBG, along with the other three in SP800-90, on the grounds that a) it was after all an official standard, b) OpenSSL already implements some weak algorithms, and c) the deficiencies were so well known that surely no one would be stupid enough to actually use it for any serious real world applications.

I was profoundly wrong about that.

-Steve M.

--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
[hidden email] [hidden email]
gpg/pgp key: http://openssl.com/docs/0xCE69424E.asc

Thanks :)