> On 5. Oct 2017, at 15:35, Harald Welte <[email protected]> wrote:
> 
> Hi Holger,

Hi,


>> Picking something like RAND_bytes of OpenSSL for TMSIs seems to be the
>> best way. It will re-seed itself (and we are not forking). 
> 
> Ok, then let's do that.

Maybe to expand on the "forking" part. OpenSSL didn't (and might not do
it right now) re-seed on fork. This created some security issues on other
platforms (maybe the most noticeable was Android, e.g. two processes
generating the same random numbers).



>> If the OpenSSL dependency is too bad (license compatibility, the move to the
>> Apache license could help us here for GPLv3+ software)
> 
> Yes, the new apache-style license makes this less of a headache.
> 
> So then we conclude for now:
> 
> * TMSIs and other temp identifiers: openssl RAND_bytes()
> * random challenges for authentication: also RAND_bytes, or getrandom()?
> * secret key generation (which we don't implement, so far): ?

I would use RAND_bytes() in all of these cases
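
The fork concern raised in this message, as an added example that is not part of the original mail and is not OpenSSL code: a toy userspace PRNG whose state is copied by fork(), next to a pid-check reseed and to getrandom(). It assumes Linux with glibc's getrandom(); all function names are hypothetical.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/random.h>
#include <sys/wait.h>
/* Toy userspace PRNG (xorshift64*): NOT cryptographic, NOT OpenSSL's generator. */
static uint64_t state;  /* lives in process memory, so fork() duplicates it */
static pid_t seed_pid;  /* pid of the process that last seeded the state */
static void toy_seed(void) {
    if (getrandom(&state, sizeof state, 0) != (ssize_t)sizeof state) abort();
    state |= 1;         /* xorshift must not start from an all-zero state */
    seed_pid = getpid();
}
static uint64_t toy_next(void) {       /* no fork awareness */
    state ^= state >> 12; state ^= state << 25; state ^= state >> 27;
    return state * 2685821657736338717ULL;
}
static uint64_t toy_next_safe(void) {  /* reseed when the pid has changed */
    if (getpid() != seed_pid) toy_seed();
    return toy_next();
}
static uint64_t kernel_next(void) {    /* generator state is kept by the kernel */
    uint64_t v;
    if (getrandom(&v, sizeof v, 0) != (ssize_t)sizeof v) abort();
    return v;
}
/* 1 if parent and child draw the same value after fork(), 0 if not, -1 on error. */
static int fork_collides(uint64_t (*gen)(void)) {
    int fd[2]; uint64_t child = 0, parent;
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                    /* child: draw once, report via the pipe */
        child = gen();
        _exit(write(fd[1], &child, sizeof child) == (ssize_t)sizeof child ? 0 : 1);
    }
    close(fd[1]);
    parent = gen();                    /* parent draws from its own copy of the state */
    ssize_t n = read(fd[0], &child, sizeof child);
    close(fd[0]);
    waitpid(pid, NULL, 0);
    return n == (ssize_t)sizeof child ? parent == child : -1;
}
int main(void) {
    toy_seed();
    printf("%d %d %d\n", fork_collides(toy_next), fork_collides(toy_next_safe), fork_collides(kernel_next));
    return 0;
}
```

A result of 1 means parent and child drew the same value; the three printed numbers are for the plain toy PRNG, the pid-check variant and getrandom(), in that order.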
