On Wed, Sep 27, 2017 at 07:57:43PM +0800, Harald Welte wrote:
> For TMSI allocation, my "cryptographic gut feeling"[tm] is that something
> like rand() or any other pseudo-random generator of significantly large
> period is sufficient *if* it is seeded by a non-predictable value. So
> something like seeding with getrandom() result should be fine?

Also matches my gut feeling there. Might also make sense to periodically
re-seed from /dev/urandom / getrandom(), like every 100 TMSIs, or based on
a timeout might be easier to implement.

> For long-term stable key (Ki/Op) generation for provisioning SIM cards +
> populating a HLR, I would certainly opt for using stronger randomness
> sources. However, I don't think we actually implement that anywhere, do
> we?

What does openssh use for public/private keypair generation?

> What do you guys think? Is there somebody on this list more
> cryptographically qualified to give us proper guidance? If you know
> somebody skilled who might want to help but is not on this list, would
> you invite them to join this discussion?

I don't count myself as one of them, help is still appreciated.

~N
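The scheme discussed in this thread, as an added example that is not part of the original mail or of the project's code: a fast PRNG seeded from getrandom() and re-seeded after every 100 TMSIs. xorshift64* stands in for "any other pseudo-random generator", and `struct tmsi_gen`, `tmsi_gen_reseed()` and `tmsi_gen_next()` are hypothetical names.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/random.h>  /* getrandom(): Linux, glibc >= 2.25 */

#define TMSI_RESEED_INTERVAL 100  /* "like every 100 TMSIs" from the thread */
#define TMSI_INVALID 0xffffffffu  /* all-ones TMSI is reserved: "no valid TMSI" */

struct tmsi_gen {           /* hypothetical type; zero-initialise before use */
	uint64_t state;     /* xorshift64* state, must never be zero */
	unsigned int left;  /* TMSIs left before the next reseed */
};

/* Replace the PRNG state with 64 fresh bits from the kernel CSPRNG. */
static int tmsi_gen_reseed(struct tmsi_gen *g)
{
	uint64_t seed = 0;
	ssize_t n;
	do {
		n = getrandom(&seed, sizeof(seed), 0);
	} while (n < 0 && errno == EINTR);
	if (n != (ssize_t)sizeof(seed))
		return -1;  /* fail closed: no fallback to time() or a PID */
	g->state = seed ? seed : 0x9e3779b97f4a7c15ULL;  /* zero would stay zero */
	g->left = TMSI_RESEED_INTERVAL;
	return 0;
}

/* Write the next candidate TMSI to *tmsi; 0 on success, -1 if seeding failed. */
static int tmsi_gen_next(struct tmsi_gen *g, uint32_t *tmsi)
{
	do {
		if (g->left == 0 && tmsi_gen_reseed(g) < 0)
			return -1;
		g->state ^= g->state >> 12;
		g->state ^= g->state << 25;
		g->state ^= g->state >> 27;
		*tmsi = (uint32_t)((g->state * 0x2545F4914F6CDD1DULL) >> 32);
		g->left--;
	} while (*tmsi == TMSI_INVALID);
	return 0;
}

int main(void)
{
	struct tmsi_gen g = { 0 };
	uint32_t tmsi;
	for (int i = 0; i < 5 && tmsi_gen_next(&g, &tmsi) == 0; i++)
		printf("candidate TMSI 0x%08x\n", (unsigned int)tmsi);
}
```

The caller still has to check each candidate against the TMSIs already allocated before assigning it to a subscriber.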
