[openssl-dev] Improving OpenSSL default RNG
Alessandro Ghedini
alessandro at ghedini.me
Fri Oct 23 17:19:11 UTC 2015
On Fri, Oct 23, 2015 at 04:34:11PM +0200, Dr. Matthias St. Pierre wrote:
>
> Hi,
>
> I have a related question concerning alternative RNGs, hope it is not too
> off-topic:
>
> Currently we are using the NIST-SP800-90a compliant DRBG (fips_drbg_method()),
> because it seemed to us to be more sophisticated and mature than the default
> RAND_SSLeay(). At least it's better documented and tested.
>
> Currently this DRBG is only available through the FIPS object module, so you
> need to build a FIPS capable OpenSSL library in order to use it.
>
> Shouldn't the FIPS DRBG code be added to the normal code base in master, too,
> as an alternative RNG implementation? Or is the NIST-SP800-90a DRG construction
> already obsolete outside of FIPS world?

FWIW, the FIPS module was recently removed, so FIPS_drbg_method() is not present
in master anymore. I think there are plans to reimplement the whole thing, but
I don't know anything about that.

In general the NIST DRBGs seem fairly complicated (or completely untrustworthy
like Dual EC DRBG), so I'd rather have a different implementation as default
RNG for OpenSSL.

Cheers