Re: Private RANDFILE per CA required?
On 02.10.2012, at 15:22, Jakob Bohm wrote:

> On 10/2/2012 2:04 PM, Stefan H. Holek wrote:
>> When using the openssl command line utility, is a private RANDFILE per CA required for security reasons, or is it just fine to use a single RANDFILE for everything (i.e. the default ~/.rnd)? Older configuration files seem to indicate the former, but is this still true?
>>
>> IOW, I am looking for an answer to whether not having its own RANDFILE degrades the security of a CA.
>
> I would say it degrades it, as it makes the randomness used by each CA less random.
>
> I would also suggest getting a real hardware RNG source and directly or indirectly feeding it into OpenSSL.

Thank you for the answer. I am after something more specific though:

The openssl req, ca, etc. commands always load the RANDFILE, even if an acceptable source for seeding the PRNG exists. This means that RANDFILE is mixed into an already good seed [1]. Given that RANDFILE contains good data as well, I would assume this has exactly zero effect on the quality of the seed. I lack the maths degree to be certain about this though.

Thanks again,
Stefan

[1] http://www.openssl.org/docs/crypto/RAND_add.html

--
Stefan H. Holek
ste...@epy.co.at

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
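The mixing question raised in this message, as an added example that is not part of the thread and not OpenSSL's code: a toy hash-chained pool shows how the output depends on an OS seed and a RANDFILE when both are mixed in, and what is left when the RANDFILE is the only input. The SHA-256 chaining, the `HashPool` and `ca_output` names, and all sample inputs are assumptions made for illustration.

```python
import hashlib
from typing import Optional


class HashPool:
    """Toy hash-chained pool; an assumption, not OpenSSL's actual PRNG."""

    def __init__(self) -> None:
        self._state = b"\x00" * 32
        self._counter = 0

    def add(self, data: bytes) -> None:
        # New state depends on the old state and the input, so mixing in
        # more data never erases what earlier inputs contributed.
        self._state = hashlib.sha256(self._state + data).digest()

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self._counter += 1
            block = self._state + self._counter.to_bytes(8, "big")
            out += hashlib.sha256(block).digest()
        return out[:n]


def ca_output(os_seed: Optional[bytes], randfile: bytes, n: int = 16) -> bytes:
    """Seed from the OS source (if present), then mix in the RANDFILE."""
    pool = HashPool()
    if os_seed is not None:
        pool.add(os_seed)
    pool.add(randfile)
    return pool.read(n)


# Constructed sample inputs (hypothetical, fixed so the run is repeatable).
SHARED_RANDFILE = hashlib.sha256(b"constructed shared ~/.rnd").digest()
PRIVATE_RANDFILE = hashlib.sha256(b"constructed per-CA file").digest()
OS_SEED_CA1 = hashlib.sha256(b"constructed OS seed, CA 1").digest()
OS_SEED_CA2 = hashlib.sha256(b"constructed OS seed, CA 2").digest()

if __name__ == "__main__":
    # Shared RANDFILE, distinct OS seeds: the outputs still differ.
    print(ca_output(OS_SEED_CA1, SHARED_RANDFILE).hex())
    print(ca_output(OS_SEED_CA2, SHARED_RANDFILE).hex())
    # No OS seed: the RANDFILE alone determines the output.
    print(ca_output(None, SHARED_RANDFILE).hex())
    print(ca_output(None, PRIVATE_RANDFILE).hex())
```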
Re: Private RANDFILE per CA required?
On 10/2/2012 2:04 PM, Stefan H. Holek wrote:

> Hi All,
>
> Here is something I am not able to figure out, even after checking the FAQ and the rand(3) man page:
>
> When using the openssl command line utility, is a private RANDFILE per CA required for security reasons, or is it just fine to use a single RANDFILE for everything (i.e. the default ~/.rnd)? Older configuration files seem to indicate the former, but is this still true?
>
> IOW, I am looking for an answer to whether not having its own RANDFILE degrades the security of a CA.
>
> Thank you,
> Stefan

I would say it degrades it, as it makes the randomness used by each CA less random.

I would also suggest getting a real hardware RNG source and directly or indirectly feeding it into OpenSSL. These are commercially available and typically cheap, and they are still not included with most computer hardware, despite many failed initiatives in the past.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded