[openssl-dev] [openssl.org #4227] openssl rand 10000000000 does not produce 10000000000 random bytes

Viktor Dukhovni openssl-users at dukhovni.org
Wed Jan 13 00:32:39 UTC 2016


On Wed, Jan 13, 2016 at 12:22:01AM +0000, Ole Tange via RT wrote:

> > key=$(openssl rand -hex 16)
> > iv=$(openssl rand -hex 16)
> > cat /dev/zero | openssl enc -aes-128-cbc -K $key -iv $iv
> >
> > is a better way to produce a random stream of arbitrary length,
> > it is also hardware accelerated (AESNI) on many systems.
> 
> Great. But the normal user does not know this, and it is so complex
> that even an advanced user like me will have to look it up every time.
> Is there any reason why the above is not run instead of what `openssl
> rand` runs today?
> 
> In other words: Why not change `openssl rand` to run what you would
> recommend people run anyway?

Because "openssl rand" is not at present a stream generator, and
was never intended to be one.  It is also substantially slower
than the above.

There are better crypto-random stream generators like SHAKE256,
but it is fairly new, and not yet available in OpenSSL.

In most cases, just overwriting a disk with zeros is as good as
with any other pattern.

-- 
	Viktor.
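
The pipeline quoted above, wrapped so that it emits exactly the requested number of bytes. This is an added example, not part of the original message or of OpenSSL; the function name `rand_stream` is hypothetical, and `head -c` is assumed to be available.

```shell
#!/bin/sh
# rand_stream BYTES: write exactly BYTES pseudo-random bytes to stdout.
# Hypothetical helper; the openssl pipeline is the one quoted in the thread.
# The body runs in a subshell so key/iv do not leak into the caller's shell.
rand_stream() (
    n=$1
    # Accept only a non-negative decimal integer.
    case $n in
        ''|*[!0-9]*)
            echo "usage: rand_stream BYTES" >&2
            exit 2
            ;;
    esac

    # Fresh 128-bit key and IV for every call, taken from OpenSSL's CSPRNG.
    key=$(openssl rand -hex 16) || exit 1
    iv=$(openssl rand -hex 16) || exit 1

    # Encrypt an endless stream of zeros and let head cut it at BYTES.
    # With -K/-iv the key is used directly, so no "Salted__" header is
    # written and every output byte is ciphertext.
    # stderr is discarded because openssl reports a write error once head
    # closes the pipe; the caller should check the byte count instead.
    # Caveat: the key is visible in the process list while openssl runs,
    # so treat the output as filler data, not as secret key material.
    openssl enc -aes-128-cbc -K "$key" -iv "$iv" </dev/zero 2>/dev/null |
        head -c "$n"
)
```

For example, `rand_stream 10000000000 | wc -c` reports the byte count actually produced.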

