[openssl-users] using a random number file for generation of keys/certificates
Mike Mohr
akihana at gmail.com
Thu Sep 3 09:23:29 UTC 2015
Once you've written the random data to secondary storage you've permanently
compromised the integrity of any cryptographic secrets generated from it.
Depending on your threat model, underlying storage media, filesystem, and
other factors the data files may be recoverable indefinitely (especially if
you're using solid-state disks, due to their internal wear-leveling
algorithms). Don't do that.
The cryptographic secrets contained in your existing CA infrastructure were
presumably generated using some sort of PRNG, so you'd have to regenerate
them if you think the PRNG was somehow compromised. If not, you can use
the TRNG for all newly issued certificates moving forward. However, I'd
suggest not using one of the proprietary devices which are encased in epoxy
... you have no way to verify that they're doing what they say they are.
The data quality coming out of those is fairly suspect in my mind (despite
any positive results from e.g. dieharder, etc).
On Wed, Sep 2, 2015 at 9:53 PM, Kevin Long <kevinlong206 at gmail.com> wrote:
>
>
> Hello,
>
> I’m using openssl to administer a root/intermediate CA and I use the
> certificates for a number of web servers and other applications. All of my
> users install my root CA certificate for trust.
>
> I’ve been asked to use a hardware random number generator to create the
> keys/certificates going forward. I have a hardware RNG, and have created
> several files of random numbers using it, and I would like to know:
>
> 1) Can I specify my random numbers file to create keys/certificates from
> my CA (openssl command line, mac or linux)
>
> 2) Will this actually do any good, security wise, given how openssl
> certs/keys “work”. My users and superiors are concerned with backdoors in
> PRNGs and RNG predictabilities.
>
> 3) If I can indeed use my own random numbers, does this mean I have to
> start my CA from scratch to take advantage of any benefit using “true”
> random numbers from my hardware RNG? or would simply using my RN’s for the
> generation of keys for new certificates going forward allow for the
> benefit the true randomness gives.
>
> Thank you.
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150903/4b360871/attachment.html>
More information about the openssl-users
mailing list