How to initialize the PRNG using RAND_seed?

How to initialize the PRNG using RAND_seed?

Angel Martinez Gonzalez
Hello:

I need to initialize the PRNG so that I can generate keys and perform public key
encryption.

I want to use one of these functions:
    void RAND_seed(const void *buf, int num);
    void RAND_add(const void *buf, int num, double entropy);

But I don't know what parameters I have to use. Can somebody send me an
example of how to use these functions?

Thanks a lot.

Regards.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Re: How to initialize the PRNG using RAND_seed?

Bernhard Fröhlich-2
Angel Martinez Gonzalez wrote:

>Hello:
>
>I need to initialize the PRNG so that I can generate keys and perform public key
>encryption.
>
>I want to use one of these functions:
>    void RAND_seed(const void *buf, int num);
>    void RAND_add(const void *buf, int num, double entropy);
>
>But I don't know what parameters I have to use. Can somebody send me an
>example of how to use these functions?
>
>
See http://www.openssl.org/docs/crypto/RAND_add.html

You usually use RAND_seed with a buffer of "good" random data.

Hope it helps,
Ted
;)

--
PGP Public Key Information
Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
Key fingerprint = 31B0 E029 BCF9 6605 DAC1  B2E1 0CC8 70F4 7AFB 8D26



Re: How to initialize the PRNG using RAND_seed?

Angel Martinez Gonzalez
Hello:

Thanks for your help, but I don't know what "buffer" and "num" I must use.

How can I generate this buffer of random data? And "num" is the entropy,
but what is it? How do I obtain this entropy?

I use Windows.

Thanks. Regards.

----- Original Message -----
From: "Bernhard Froehlich" <[hidden email]>
To: <[hidden email]>
Sent: Thursday, June 23, 2005 10:17 AM
Subject: Re: How to initialize the PRNG using RAND_seed?


RE: How to initialize the PRNG using RAND_seed?

Ted Mittelstaedt

Just use FreeBSD 5.X as your operating system, the random device
on it has been completely rewritten to be self-seeding with
high quality random numbers.  It harvests from a number of interrupts and
if you don't turn those on it uses the Yarrow PRNG code.  And it
also uses the hardware random generator in the VIA C3 Nehemiah
(stepping 3 or greater) CPU if your motherboard has one of those CPUs.

The PRNG is already ready to go when the system boots so you don't have
to muck with any of those openssl seeding commands.

Ted

Re: How to initialize the PRNG using RAND_seed?

Bernhard Fröhlich-2
In reply to this post by Angel Martinez Gonzalez
Angel Martinez Gonzalez wrote:

>Hello:
>
>Thanks for your help, but I don't know what "buffer" and "num" I must use.
>
>
Buffer is a memory pointer. Usually something you allocated (in C by
calling malloc) and filled with data. If you don't know how to do that
I'd urgently advise a basic course in C programming (or C++ or Pascal or
Visual Basic or whatever). "num" is the number of bytes contained in
that buffer.
You could also use RAND_load_file
(http://www.openssl.org/docs/crypto/RAND_load_file.html) to load the
data from a file.

>How can I generate this buffer of random data? And "num" is the entropy,
>but what is it? How do I obtain this entropy?
>
>
That's the question which is considerably more tricky. Possible sources
are timers (GetTickCount()) or user interaction. But it is really hard
to get significant amounts of entropy without operating system support.

>I use Windows.
>  
>
There is a long way between Windows 2.0 and Windows Server 2003... ;)
If you are using reasonably current versions of Windows (like 2000 or
XP) the PRNG should be seeded automatically using MS Crypto API. You
could check if the PRNG is seeded sufficiently by calling RAND_status.

I once again recommend thorough reading of
http://www.openssl.org/docs/crypto/RAND_add.html.

>Thanks. Regards.
>
>
Ted
BTW, do you know the acronym RTFM? ;)
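
Editor's note: the following is an added example, not code from the thread or from the OpenSSL project. It shows the three calls discussed in this reply (RAND_add/RAND_seed to feed a buffer plus an entropy estimate, RAND_status to check that the pool is sufficiently seeded, RAND_bytes to draw key material) through Python's ssl module, which binds those same OpenSSL functions. The buffer of "good" random data comes from os.urandom(), i.e. /dev/urandom on Unix and the Windows crypto API on Windows; the timer-mixing function illustrates why a GetTickCount()-style value must be credited with (close to) zero entropy. The function names and the 32-byte seed size are this example's own choices.

```python
"""Seeding and querying OpenSSL's PRNG from Python's ssl module.

ssl.RAND_add, ssl.RAND_status and ssl.RAND_bytes are Python's bindings of the
OpenSSL functions RAND_add(), RAND_status() and RAND_bytes(). RAND_seed(buf, num)
is simply RAND_add(buf, num, num): it claims that every byte of buf is random.
"""
import os
import ssl
import time
from typing import Optional, Tuple


def seed_from_os(num_bytes: int = 32) -> int:
    """Feed num_bytes of OS randomness into OpenSSL's pool and return the count.

    os.urandom() reads /dev/urandom on Unix and the Windows crypto API on
    Windows, i.e. the 'good random data' a RAND_seed buffer should contain.
    Because the source is a CSPRNG, the entropy claimed is the full length of
    the buffer, which is exactly what RAND_seed(buf, num) would claim.
    """
    buf = os.urandom(num_bytes)
    ssl.RAND_add(buf, float(len(buf)))  # third argument: entropy estimate in bytes
    return len(buf)


def mix_in_timer(tick: Optional[int] = None) -> float:
    """Stir a timer value into the pool while claiming no entropy for it.

    A GetTickCount()-style value is guessable by an attacker, so the honest
    estimate is 0.0 bytes: it may change the pool state, but it must not count
    towards RAND_status() reporting the PRNG as seeded.
    """
    if tick is None:
        tick = time.monotonic_ns()
    buf = tick.to_bytes(8, "big", signed=False)
    entropy_claimed = 0.0
    ssl.RAND_add(buf, entropy_claimed)
    return entropy_claimed


def prng_is_seeded() -> bool:
    """RAND_status(): True once OpenSSL considers its pool sufficiently seeded."""
    return bool(ssl.RAND_status())


def generate_key_and_iv(key_len: int = 16, iv_len: int = 16) -> Tuple[bytes, bytes]:
    """Draw a key and an IV from the PRNG, seeding it first if necessary.

    Refusing to draw from an unseeded pool is the check the original poster
    was missing: RAND_bytes output is only as good as the seed behind it.
    """
    if not prng_is_seeded():
        seed_from_os(32)
    if not prng_is_seeded():
        raise RuntimeError("OpenSSL PRNG is not seeded; refusing to generate keys")
    return ssl.RAND_bytes(key_len), ssl.RAND_bytes(iv_len)


if __name__ == "__main__":
    print("seeded before explicit seeding:", prng_is_seeded())
    seed_from_os(32)
    mix_in_timer()
    key, iv = generate_key_and_iv()
    print("key:", key.hex())
    print("iv: ", iv.hex())
```

On a reasonably current Windows or Unix build, and on any recent OpenSSL release, RAND_status() is already true before seed_from_os() runs because the library seeds itself from the operating system; the explicit RAND_add calls then only add to the pool. The order of the checks in generate_key_and_iv() is the part worth copying into C code: seed, verify with RAND_status(), and only then call RAND_bytes().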


Generating a lot of randomness...

C Wegrzyn
I have to generate quite a few random keys (and IVs) during a day. It
comes out to about 1 million keys (16 bytes each) and 1 million IVs (16
bytes each).

I tried using /dev/random and /dev/urandom but in one case it blocks too
much of the time and in the other seems to run pretty slow. I tried
using EGAD et al to no avail. So I decided to take a different
approach.  I am hoping to hear from others how they might have solved
the problem.

I thought I would take a hash of the message and using it as the salt
call EVP_BytesToKey.  I was wondering what others think of this solution.

Chuck Wegrzyn
Open Intent, Inc.
Re: Generating a lot of randomness...

Ken Goldman
> Date: Thu, 23 Jun 2005 12:22:30 -0400
> From: C Wegrzyn <[hidden email]>
>
> I have to generate quite a few random keys (and IVs) during a day. It
> comes out to about 1 million keys (16 bytes each) and 1 million IVs (16
> bytes each).
>
> I tried using /dev/random and /dev/urandom but in one case it blocks too
> much of the time and in the other seems to run pretty slow. I tried
> using EGAD et al to no avail. So I decided to take a different
> approach.  I am hoping to hear from others how they might have solved
> the problem.
>
> I thought I would take a hash of the message and using it as the salt
> call EVP_BytesToKey.  I was wondering what others think of this solution.

I've seen this approach: Use the hardware random number generator HRNG
to seed a pseudorandom number generator PSRG.  Use PSRG to generate
random numbers.  Each n random numbers, reseed PSRG from HRNG.

--
Ken Goldman   [hidden email]   914-784-7646
Re: Generating a lot of randomness...

C Wegrzyn
I can't add anything beyond what is available on an AMD or Intel
motherboard. So is there a built-in HRNG that I can get to (if so, where
is the driver for it)?

Thanks again,
Chuck Wegrzyn


Reducing size of the OpenSSL library

Krishna M Singh
In reply to this post by Ken Goldman
Hi All

I was trying to reduce the size of the OpenSSL library due to memory constraints on our platform.
I tried to remove three patented ciphers: IDEA, RC5 and MDC2. Any ideas what more can be done to
reduce the final size of the library?

thanks and regards
-Krish


               
Re: Reducing size of the OpenSSL library

J. Wren Hunt

On Thu, 23 Jun 2005 11:11:18 -0700 (PDT), "Krishna M Singh"
<[hidden email]> said:
> Hi All
>
> I was trying to reduce the size of the OpenSSL library due to memory
> constraints on our platform.
> I tried to remove three patented ciphers: IDEA, RC5 and MDC2. Any ideas
> what more can be done to
> reduce the final size of the library?
>

If you're not already using this switch you might give it a try:

-Os
    Optimize for size. -Os enables all -O2 optimizations that do not
    typically increase code size. It also performs further optimizations
    designed to reduce code size.

    -Os disables the following optimization flags:

          -falign-functions  -falign-jumps  -falign-loops
          -falign-labels  -freorder-blocks -fprefetch-loop-arrays
     
Wren
RE: Generating a lot of randomness...

JoelKatz
In reply to this post by C Wegrzyn

> I can't add anything beyond what is available on an AMD or Intel
> motherboard. So is there a built-in HRNG that I can get to (if so, where
> is the driver for it)?

        Use /dev/urandom to seed your own PRNG. Or use it to seed OpenSSL's PRNG.

        Why are you asking on this list anyway? Did you try OpenSSL's PRNG and find
it insufficient?

        DS


Re: Generating a lot of randomness...

C Wegrzyn
Generating one or two random numbers over a period of time isn't a big
deal. Generating 100,000+  128 bit random numbers an hour taxes
/dev/random and /dev/urandom. Even the use of EGAD doesn't help.

If you re-read the thread you will see that I wrote what I thought was a
reasonable approach and was looking for concrete criticism of it or other ways.

C


David Schwartz wrote:

>>I can't add anything beyond what is available on an AMD or Intel
>>motherboard. So is there a built-in HRNG that I can get to (if so, where
>>is the driver for it)?
>>    
>>
>
> Use /dev/urandom to seed your own PRNG. Or use it to seed OpenSSL's PRNG.
>
> Why are you asking on this list anyway? Did you try OpenSSL's PRNG and find
>it insufficient?
>
> DS
>
>

RE: Generating a lot of randomness...

JoelKatz

> Generating one or two random numbers over a period of time isn't a big
> deal. Generating 100,000+  128 bit random numbers an hour taxes
> /dev/random and /dev/urandom. Even the use of EGAD doesn't help.

        Right.
 
> If you re-read the thread you will see that I wrote what I thought was a
> reasonable approach and was looking for concrete criticism of it or
> other ways.

        But why not the obvious approach -- using OpenSSL's RNG?

        DS


Re: Generating a lot of randomness...

C Wegrzyn
I see things for adding entropy, loading files, etc. I don't see
anything about generating random numbers. Am I missing something so
obvious if it was a snake it would have bitten me by now?

Chuck  Wegrzyn

David Schwartz wrote:

>>Generating one or two random numbers over a period of time isn't a big
>>deal. Generating 100,000+  128 bit random numbers an hour taxes
>>/dev/random and /dev/urandom. Even the use of EGAD doesn't help.
>>    
>>
>
> Right.
>
>  
>
>>If you re-read the thread you will see that I wrote what I thought was a
>>reasonable approach and was looking for concrete criticism of it or
>>other ways.
>>    
>>
>
> But why not the obvious approach -- using OpenSSL's RNG?
>
> DS
>
>

Re: Generating a lot of randomness...

Michael Sierchio
In reply to this post by C Wegrzyn
C Wegrzyn wrote:

> I have to generate quite a few random keys (and IVs) during a day. It
> comes out to about 1 million keys (16 bytes each) and 1 million IVs (16
> bytes each).
>
> I tried using /dev/random and /dev/urandom but in one case it blocks too
> much of the time and in the other seems to run pretty slow. I tried
> using EGAD et al to no avail. So I decided to take a different
> approach.  I am hoping to hear from others how they might have solved
> the problem.
>
> I thought I would take a hash of the message and using it as the salt
> call EVP_BytesToKey.  I was wondering what others think of this solution.

I would say that qualifies as close to the definition of "bad" from
a cryptographic standpoint. ;-)

Use /dev/random to seed Yarrow, or another PRNG, if you need a lot of
random material.  Don't make it a function of anything that isn't
a nonce.

RE: Generating a lot of randomness...

Ted Mittelstaedt
In reply to this post by C Wegrzyn


>-----Original Message-----
>From: [hidden email]
>[mailto:[hidden email]]On Behalf Of C Wegrzyn
>Sent: Thursday, June 23, 2005 10:14 AM
>To: Ken Goldman
>Cc: [hidden email]
>Subject: Re: Generating a lot of randomness...
>
>
>I can't add anything beyond what is available on an AMD or Intel
>motherboard. So is there a built-in HRNG that I can get to (if so, where
>is the driver for it)?
>

What operating system are you using?

Ted

Re: Generating a lot of randomness...

C Wegrzyn
Linux (gentoo variant).

C.

Ted Mittelstaedt wrote:

>  
>
>>-----Original Message-----
>>From: [hidden email]
>>[mailto:[hidden email]]On Behalf Of C Wegrzyn
>>Sent: Thursday, June 23, 2005 10:14 AM
>>To: Ken Goldman
>>Cc: [hidden email]
>>Subject: Re: Generating a lot of randomness...
>>
>>
>>I can't add anything beyond what is available on a AMD or Intel
>>motherboard. So is there a built-in HRNG that I can get to (if so, where
>>is the driver for it)?
>>
>>    
>>
>
>What operating system are you using?
>
>Ted
>

Re: Generating a lot of randomness...

Michael Sierchio
In reply to this post by C Wegrzyn

This is a few years old, but may be useful.   The code illustrates the
use of the HMAC variant on ANSI X9.17 key generation as described in the
paper, used to generate random byte strings.  It uses the hash functions
in the OpenSSL libraries.

Paper:
        http://www.tenebras.com/papers/SecureRandom.html

Code:
        http://www.tenebras.com/code/hmac-prng.tar.gz
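
Editor's note: the following is an added example, not code from the thread, from the linked paper, or from OpenSSL. It ties together the advice given in this part of the thread: seed a PRNG from the kernel's CSPRNG and reseed it every n outputs (Ken Goldman, David Schwartz), use an HMAC-based generator for the bulk material (this post), and do not make keys a function of the message (Michael Sierchio's earlier reply). The generator is HMAC_DRBG from NIST SP 800-90A with HMAC-SHA256, chosen here as a well-specified stand-in; it does not claim to reproduce the X9.17 variant in the paper. evp_bytes_to_key() reimplements OpenSSL's EVP_BytesToKey (MD5, count=1) so the proposed message-derived scheme can be shown next to it; the fixed app_secret it uses as the password input is an assumption, since the proposal did not say what the password would be. RESEED_EVERY, the class and function names are this example's own.

```python
"""Bulk key/IV generation with a reseeding HMAC-based PRNG, next to the
message-derived scheme it replaces.

HmacDrbg is HMAC_DRBG from NIST SP 800-90A with HMAC-SHA256: a deterministic
generator seeded from os.urandom() and reseeded from it again every
RESEED_EVERY outputs. evp_bytes_to_key() reimplements OpenSSL's EVP_BytesToKey
(MD5, count=1) so the message-derived scheme can be compared side by side.
"""
import hashlib
import hmac
import os
from typing import Callable, List, Tuple

RESEED_EVERY = 10_000  # outputs between reseeds; a tunable, not a standard value
KEY_LEN = 16
IV_LEN = 16


class HmacDrbg:
    """NIST SP 800-90A HMAC_DRBG (SHA-256) with automatic reseeding."""

    def __init__(self, seed: bytes, reseed_every: int = RESEED_EVERY,
                 entropy_source: Callable[[int], bytes] = os.urandom) -> None:
        self._k = b"\x00" * 32
        self._v = b"\x01" * 32
        self._reseed_every = reseed_every
        self._entropy_source = entropy_source
        self.reseeds = 0
        self.counter = 1
        self._update(seed)

    def _hmac(self, data: bytes) -> bytes:
        return hmac.new(self._k, data, hashlib.sha256).digest()

    def _update(self, provided: bytes = b"") -> None:
        """The HMAC_DRBG update function: fold provided data into (K, V)."""
        self._k = self._hmac(self._v + b"\x00" + provided)
        self._v = self._hmac(self._v)
        if provided:
            self._k = self._hmac(self._v + b"\x01" + provided)
            self._v = self._hmac(self._v)

    def reseed(self, entropy: bytes) -> None:
        """Mix fresh entropy (e.g. from /dev/urandom) into the state."""
        self._update(entropy)
        self.counter = 1
        self.reseeds += 1

    def generate(self, n: int) -> bytes:
        """Return n pseudorandom bytes, reseeding first if the limit is reached."""
        if self.counter > self._reseed_every:
            self.reseed(self._entropy_source(32))
        out = b""
        while len(out) < n:
            self._v = self._hmac(self._v)
            out += self._v
        self._update()  # derive fresh K, V so earlier outputs cannot be recovered
        self.counter += 1
        return out[:n]


def key_iv_batch(drbg: HmacDrbg, count: int) -> List[Tuple[bytes, bytes]]:
    """Draw `count` independent (key, iv) pairs from one generator."""
    return [(drbg.generate(KEY_LEN), drbg.generate(IV_LEN)) for _ in range(count)]


def evp_bytes_to_key(password: bytes, salt: bytes,
                     key_len: int = KEY_LEN, iv_len: int = IV_LEN) -> Tuple[bytes, bytes]:
    """EVP_BytesToKey with MD5 and count=1: D_i = MD5(D_{i-1} || password || salt)."""
    derived, prev = b"", b""
    while len(derived) < key_len + iv_len:
        prev = hashlib.md5(prev + password + salt).digest()
        derived += prev
    return derived[:key_len], derived[key_len:key_len + iv_len]


def message_derived_key_iv(message: bytes,
                           app_secret: bytes = b"app-secret") -> Tuple[bytes, bytes]:
    """The proposed scheme: hash the message, use it as the salt, derive key and IV.

    app_secret is an assumed fixed password input. Whatever it is, equal
    messages yield equal key and IV, which is why this is not a random source.
    """
    salt = hashlib.md5(message).digest()[:8]  # EVP_BytesToKey uses an 8-byte salt
    return evp_bytes_to_key(app_secret, salt, KEY_LEN, IV_LEN)


if __name__ == "__main__":
    drbg = HmacDrbg(os.urandom(32))
    batch = key_iv_batch(drbg, 100_000)
    print("distinct keys:", len({k for k, _ in batch}), "reseeds:", drbg.reseeds)
    m = b"same plaintext twice"
    print("message-derived scheme repeats:",
          message_derived_key_iv(m) == message_derived_key_iv(m))
```

The generator never blocks: /dev/urandom is read only once per RESEED_EVERY outputs, so the 100,000-keys-per-hour load in the thread costs a few HMAC computations per key and a handful of 32-byte reads. The comparison at the end is the concrete criticism Michael Sierchio gave: a key and IV derived from the message repeat whenever the message repeats, so two equal plaintexts would be encrypted under the same key and IV.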
RE: Generating a lot of randomness...

Ted Mittelstaedt
In reply to this post by C Wegrzyn

I thought that Linux's random device now supports the HRNGs
for Intel, AMD and Via.  Here's the docs on the Intel HRNG:

http://www.linuxhq.com/kernel/v2.4/3/Documentation/i810_rng.txt

What does menuconfig say?  

The Linux driver used to be built on the old
Theodore Ts'o code, which is not sufficiently random for
very high crypto.  Maybe your Linux distribution still
uses this code?

An overview of the VIA Technologies HRNG is here:

http://www.via.com.tw/en/initiatives/padlock/hardware.jsp

FreeBSD 5.x has a driver for this in its /dev/random device.

An overview of the HRNG in the Intel CPUs (P3 and later) is here:

http://www.cryptography.com/resources/whitepapers/IntelRNG.pdf

Another very good technique is to use a simple PC cam with
the lenscap on.  Here's the link:

http://www.lavarnd.org/what/index.html

Have fun!

Ted

>-----Original Message-----
>From: [hidden email]
>[mailto:[hidden email]]On Behalf Of C Wegrzyn
>Sent: Thursday, June 23, 2005 4:14 PM
>To: [hidden email]
>Cc: Ken Goldman
>Subject: Re: Generating a lot of randomness...
>
>
>Linux (gentoo variant).
>
>C.
>
Re: Reducing size of the OpenSSL library

Gayathri Sundar-2
In reply to this post by Krishna M Singh
---------------------------- Original Message ----------------------------
Subject: Re: Reducing size of the OpenSSL library
From:    "Gayathri Sundar" <[hidden email]>
Date:    Fri, June 24, 2005 12:05 am
To:      [hidden email]
--------------------------------------------------------------------------

Hi.

Could you please tell me how SSL performance is affected by including the -Os
flag? It looks like quite a few of the optimizations are disabled here.

thanks
-Gayathri

-----Original Message-----
From: [hidden email]
[mailto:[hidden email]]On Behalf Of J. Wren Hunt
Sent: Thursday, June 23, 2005 11:47 PM
To: [hidden email]
Subject: Re: Reducing size of the OpenSSL library


