subject:"\[openssl\-users\] using a random number file for generation of keys\/certificates"

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Viktor Dukhovni

On Thu, Sep 03, 2015 at 11:29:01AM -0700, Kevin Long wrote:

> Can I not use the file directly, as to not rely whatsoever on the OS?s PRNG ?

That would be unwise.  Much too easy to make a mistake and get that
wrong.  The best thing to do with additional entropy sources is to
mix them with existing ones, rather than rely on them exlcusively,
and especially if doing so means clever work-arounds that might go
wrong.

-- 
Viktor.
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Kevin Long


Hi Mike (and all).

Thanks for the info.  I understand the implications of storing the randomized 
data to storage and precautions would be taken to air-gap this info from the 
outside world.  


> If not, you can use the TRNG for all newly issued certificates moving forward.

Can you pease syntax? I have googled but I’m unclear if this would be with 
-rand flag, or setting the RANDFILE variable, or something else.  Provided the 
randomized numbers are in a binary file, can you advise how to use this file 
for the generation of future keys/certs from the existing CA.

Thank you






> On Sep 3, 2015, at 2:23 AM, Mike Mohr  wrote:
> 
> Once you've written the random data to secondary storage you've permanently 
> compromised the integrity of any cryptographic secrets generated from it.  
> Depending on your threat model, underlying storage media, filesystem, and 
> other factors the data files may be recoverable indefinitely (especially if 
> you're using solid-state disks, due to their internal wear-leveling 
> algorithms).  Don't do that.
> 
> The cryptographic secrets contained in your existing CA infrastructure were 
> presumably generated using some sort of PRNG, so you'd have to regenerate 
> them if you think the PRNG was somehow compromised.  If not, you can use the 
> TRNG for all newly issued certificates moving forward.  However, I'd suggest 
> not using one of the proprietary devices which are encased in epoxy ... you 
> have no way to verify that they're doing what they say they are.  The data 
> quality coming out of those is fairly suspect in my mind (despite any 
> positive results from e.g. dieharder, etc).
> 
> On Wed, Sep 2, 2015 at 9:53 PM, Kevin Long  > wrote:
> 
> 
> Hello,
> 
> I’m using openssl to administer a root/intermediate CA  and I use the 
> certificates for a number of web servers and other applications. All of my 
> users install my root CA certificate for trust.
> 
> I’ve been asked to use a hardware random number generator to create the 
> keys/certificates going forward. I have a hardware RNG, and have created 
> several files of random numbers using it, and I would like to know:
> 
> 1) Can I specify my random numbers file to create keys/certificates from my 
> CA (openssl command line, mac or linux)
> 
> 2) Will this actually do any good, security wise,  given how openssl 
> certs/keys “work”.  My users and superiors are concerned with backdoors in 
> PRNGs and RNG predictabilities.
> 
> 3) If I can indeed use my own random numbers, does this mean I have to start 
> my CA from scratch to take advantage of any benefit using “true” random 
> numbers from my hardware RNG? or would simply using my RN’s for the 
> generation of  keys for new certificates going forward allow for the benefit 
> the true randomness gives.
> 
> Thank you.
> ___
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users 
> 
> 
> ___
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Kevin Long

Can I not use the file directly, as to not rely whatsoever on the OS’s PRNG ?



> On Sep 3, 2015, at 11:23 AM, Viktor Dukhovni  
> wrote:
> 
> On Wed, Sep 02, 2015 at 09:53:05PM -0700, Kevin Long wrote:
> 
>> I've been asked to use a hardware random number generator to create the
>> keys/certificates going forward. I have a hardware RNG, and have created
>> several files of random numbers using it, and I would like to know:
> 
> Cat those files into /dev/urandom or /dev/random.  That'll mix them
> into the system's entropy pool.  Then generate keys as usual from
> /dev/urandom.
> 
> -- 
>   Viktor.
> ___
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Viktor Dukhovni

On Wed, Sep 02, 2015 at 09:53:05PM -0700, Kevin Long wrote:

> I've been asked to use a hardware random number generator to create the
> keys/certificates going forward. I have a hardware RNG, and have created
> several files of random numbers using it, and I would like to know:

Cat those files into /dev/urandom or /dev/random.  That'll mix them
into the system's entropy pool.  Then generate keys as usual from
/dev/urandom.

-- 
Viktor.
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Graham Leggett

On 3 Sep 2015, at 19:23, Viktor Dukhovni  wrote:

> Cat those files into /dev/urandom or /dev/random.  That'll mix them
> into the system's entropy pool.  Then generate keys as usual from
> /dev/urandom.

I have used a deck of playing cards as a source of entropy, saved to a ram disk 
on a system with no swap, used then discarded. This has the advantage that you 
know where the randomness comes from.

Regards,
Graham
--

___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Michael Wojcik

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Graham Leggett
> Sent: Thursday, September 03, 2015 14:43
> 
> I have used a deck of playing cards as a source of entropy, saved to a ram 
> disk
> on a system with no swap, used then discarded. This has the advantage that
> you know where the randomness comes from.

Yes, though even under ideal circumstances a standard deck of playing cards 
only has ~225 bits of entropy [log_2(52!)]. That's plenty for poker, but may 
not last long when used for cryptography by a busy system.

It depends what you're using it for, of course, and how well it's mixed into 
the pool; and it's a decent-sized contribution. But considering the cost of 
reseeding (manually shuffling the cards and entering the data - which is 
time-expensive and opportunity-expensive, because it involves an expensive 
human component), it's not very efficient.

You could build a card-shuffling-and-data-entering robot with some good 
physical randomness (tumbling the cards in a turbulent-air chamber, maybe), but 
there are physical-randomness alternatives with less complexity and better form 
factors.

-- 
Michael Wojcik
Technology Specialist, Micro Focus


___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

2015-09-03 Thread Mike Mohr

Once you've written the random data to secondary storage you've permanently
compromised the integrity of any cryptographic secrets generated from it.
Depending on your threat model, underlying storage media, filesystem, and
other factors the data files may be recoverable indefinitely (especially if
you're using solid-state disks, due to their internal wear-leveling
algorithms).  Don't do that.

The cryptographic secrets contained in your existing CA infrastructure were
presumably generated using some sort of PRNG, so you'd have to regenerate
them if you think the PRNG was somehow compromised.  If not, you can use
the TRNG for all newly issued certificates moving forward.  However, I'd
suggest not using one of the proprietary devices which are encased in epoxy
... you have no way to verify that they're doing what they say they are.
The data quality coming out of those is fairly suspect in my mind (despite
any positive results from e.g. dieharder, etc).

On Wed, Sep 2, 2015 at 9:53 PM, Kevin Long  wrote:

>
>
> Hello,
>
> I’m using openssl to administer a root/intermediate CA  and I use the
> certificates for a number of web servers and other applications. All of my
> users install my root CA certificate for trust.
>
> I’ve been asked to use a hardware random number generator to create the
> keys/certificates going forward. I have a hardware RNG, and have created
> several files of random numbers using it, and I would like to know:
>
> 1) Can I specify my random numbers file to create keys/certificates from
> my CA (openssl command line, mac or linux)
>
> 2) Will this actually do any good, security wise,  given how openssl
> certs/keys “work”.  My users and superiors are concerned with backdoors in
> PRNGs and RNG predictabilities.
>
> 3) If I can indeed use my own random numbers, does this mean I have to
> start my CA from scratch to take advantage of any benefit using “true”
> random numbers from my hardware RNG? or would simply using my RN’s for the
> generation of  keys for new certificates going forward allow for the
> benefit the true randomness gives.
>
> Thank you.
> ___
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] using a random number file for generation of keys/certificates

2015-09-02 Thread Kevin Long



Hello,

I’m using openssl to administer a root/intermediate CA  and I use the 
certificates for a number of web servers and other applications. All of my 
users install my root CA certificate for trust.

I’ve been asked to use a hardware random number generator to create the 
keys/certificates going forward. I have a hardware RNG, and have created 
several files of random numbers using it, and I would like to know:

1) Can I specify my random numbers file to create keys/certificates from my CA 
(openssl command line, mac or linux)

2) Will this actually do any good, security wise,  given how openssl certs/keys 
“work”.  My users and superiors are concerned with backdoors in PRNGs and RNG 
predictabilities. 

3) If I can indeed use my own random numbers, does this mean I have to start my 
CA from scratch to take advantage of any benefit using “true” random numbers 
from my hardware RNG? or would simply using my RN’s for the generation of  keys 
for new certificates going forward allow for the benefit the true randomness 
gives.

Thank you.
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] using a random number file for generation of keys/certificates

Re: [openssl-users] using a random number file for generation of keys/certificates

Re: [openssl-users] using a random number file for generation of keys/certificates

Re: [openssl-users] using a random number file for generation of keys/certificates

Re: [openssl-users] using a random number file for generation of keys/certificates

Re: [openssl-users] using a random number file for generation of keys/certificates

Re: [openssl-users] using a random number file for generation of keys/certificates

[openssl-users] using a random number file for generation of keys/certificates

8 matches

Site Navigation

Mail list logo

Footer information