<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Two bits of RTC is nowhere near enough entropy. I could break two bits by hand in a few seconds — there are only four possibilities.<div class=""><br class=""></div><div class="">The best outcome is an hardware random number generator. These are often not readily available.</div><div class=""><br class=""></div><div class="">Next would be waiting for enough entropy from interrupts, timers and the like.</div><div class=""><br class=""></div><div class="">You didn’t specify what operating system/kernel you are using so further advise is less than useful.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">Pauli<br class=""><div class="">
<div dir="auto" style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;">-- <br class="">Dr Paul Dale | Distinguished Architect | Cryptographic Foundations <br class="">Phone +61 7 3031 7217<br class="">Oracle Australia</div><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><br class=""></div><br class="Apple-interchange-newline"></div><br class="Apple-interchange-newline">
</div>
<div><br class=""><blockquote type="cite" class=""><div class="">On 16 Aug 2019, at 7:26 pm, Chitrang Srivastava <<a href="mailto:chitrang.srivastava@gmail.com" class="">chitrang.srivastava@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hi,<br class=""><div class=""><br class=""></div><div class="">I am working on an embedded platform and now ported openssl 1.1.1b</div><div class="">TLS 1.2/1.3 is working fine.</div><div class="">While analysing random number , Rand pool initialization calls where I am returning like this , </div><div class="">size_t <b class="">rand_pool_acquire_entropy</b>(RAND_POOL *pool)<br class="">{<br class=""> return rand_pool_entropy_available(pool);<br class="">} <br class=""></div><div class="">As noticed that <b class="">rand_unix.c</b> has an implementation wcih samples 2 bits of RTC, would that give enough entropy or any other recommendation to have enough entropy for embedded platforms?</div><div class=""><br class=""></div><div class="">Thanks,</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div></div>
</div></blockquote></div><br class=""></div></body></html>