[openssl-users] using a random number file for generation of keys/certificates

Kevin Long kevinlong206 at gmail.com
Thu Sep 3 18:06:57 UTC 2015


Hi Mike (and all).

Thanks for the info.  I understand the implications of storing the randomized data to storage and precautions would be taken to air-gap this info from the outside world.  


> If not, you can use the TRNG for all newly issued certificates moving forward.

Can you pease syntax? I have googled but I’m unclear if this would be with -rand flag, or setting the RANDFILE variable, or something else.  Provided the randomized numbers are in a binary file, can you advise how to use this file for the generation of future keys/certs from the existing CA.

Thank you






> On Sep 3, 2015, at 2:23 AM, Mike Mohr <akihana at gmail.com> wrote:
> 
> Once you've written the random data to secondary storage you've permanently compromised the integrity of any cryptographic secrets generated from it.  Depending on your threat model, underlying storage media, filesystem, and other factors the data files may be recoverable indefinitely (especially if you're using solid-state disks, due to their internal wear-leveling algorithms).  Don't do that.
> 
> The cryptographic secrets contained in your existing CA infrastructure were presumably generated using some sort of PRNG, so you'd have to regenerate them if you think the PRNG was somehow compromised.  If not, you can use the TRNG for all newly issued certificates moving forward.  However, I'd suggest not using one of the proprietary devices which are encased in epoxy ... you have no way to verify that they're doing what they say they are.  The data quality coming out of those is fairly suspect in my mind (despite any positive results from e.g. dieharder, etc).
> 
> On Wed, Sep 2, 2015 at 9:53 PM, Kevin Long <kevinlong206 at gmail.com <mailto:kevinlong206 at gmail.com>> wrote:
> 
> 
> Hello,
> 
> I’m using openssl to administer a root/intermediate CA  and I use the certificates for a number of web servers and other applications. All of my users install my root CA certificate for trust.
> 
> I’ve been asked to use a hardware random number generator to create the keys/certificates going forward. I have a hardware RNG, and have created several files of random numbers using it, and I would like to know:
> 
> 1) Can I specify my random numbers file to create keys/certificates from my CA (openssl command line, mac or linux)
> 
> 2) Will this actually do any good, security wise,  given how openssl certs/keys “work”.  My users and superiors are concerned with backdoors in PRNGs and RNG predictabilities.
> 
> 3) If I can indeed use my own random numbers, does this mean I have to start my CA from scratch to take advantage of any benefit using “true” random numbers from my hardware RNG? or would simply using my RN’s for the generation of  keys for new certificates going forward allow for the benefit the true randomness gives.
> 
> Thank you.
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users <https://mta.openssl.org/mailman/listinfo/openssl-users>
> 
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150903/91abcdaa/attachment.html>


More information about the openssl-users mailing list