[openssl-dev] Work on a new RNG for OpenSSL

Matthias St. Pierre Matthias.St.Pierre at ncp-e.com
Wed Jun 28 14:42:25 UTC 2017


Hello Matt,

I am not quite sure what your current favourite solution for the upcoming default OpenSSL random generator is. Are you favouring

- a DRBG (following SP800-90Ar1) which is using the OS RNG as entropy source for (re-)seeding or

- simply passing all generate requests over to the OS RNG?

It looks like you made two votes for the first and one vote for the second variant (see below). Could you please clarify your preference?

Regards,

Matthias St. Pierre


Vote 1:

On 27.06.2017 09:28, Matt Caswell wrote:
> On 26/06/17 21:18, Kurt Roeckx wrote:
>>>   “Recommendation for Random Number Generation Using Deterministic Random Bit Generators”
>>>   http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
>>>
>>> That design may look complicated, but if you think you can
>>> leave out some of the blocks in their diagram, proceed with
>>> caution.  Every one of those blocks is there for a reason.
>> SP800-90A (or revision 1) can clearly be used as reference on how
>> to implement it, even if we don't use an approved algorithm from
>> it. And I really think we should look at that document when
>> implementing it.
>>
>> There should probably also be an option to use an RNG that
>> conforms to it.
> I am strongly in favour of this approach. We should be led by standards.
>

Vote 2: (comment on PR #3789: WIP: Add DRBG random method)

https://github.com/openssl/openssl/pull/3789#issuecomment-311494544


Vote 3:


On 28.06.2017 11:29, Matt Caswell wrote:
> On 27/06/17 19:50, Benjamin Kaduk wrote:
>> On 06/27/2017 02:28 AM, Matt Caswell wrote:
>>> On 26/06/17 21:18, Kurt Roeckx wrote:
>>>
>>>> I think it should by default be provided by the OS, and I don't
>>>> think any OS is documenting how much randomness it can provide.
>>>>
>>> I also agree that, by default, using the OS provided source makes a lot
>>> of sense.
>>>
>> Do you mean having openssl just pass through to
>> getrandom()/read()-from-'/dev/random'/etc. or just using those to seed
>> our own thing?
> I meant the former.
>
> Matt
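
The two variants asked about in this message, side by side, as an added sketch that is not part of the original thread and is not OpenSSL code: an HMAC_DRBG following SP 800-90A Rev. 1 section 10.1.2 that uses the OS RNG only for (re-)seeding, and a plain pass-through to the OS RNG. The names `HmacDrbg` and `os_passthrough`, the choice of SHA-256, and the reseed interval are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def os_passthrough(n):
    """Second variant: every generate request goes straight to the OS RNG."""
    return os.urandom(n)

class HmacDrbg:
    """First variant: HMAC_DRBG (SP 800-90A Rev. 1, 10.1.2); OS RNG used only for seeding."""
    RESEED_INTERVAL = 1 << 10    # assumed for illustration; the standard allows up to 2**48
    SEED_LEN = 32                # 256 bits of entropy input for SHA-256
    MAX_REQUEST = (1 << 19) // 8 # SP 800-90A limit of 2**19 bits per request

    def __init__(self, entropy=os.urandom, personalization=b""):
        self.entropy = entropy   # injectable so the seeding path can be tested
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        # Instantiate: seed_material = entropy_input || nonce || personalization
        self._update(entropy(self.SEED_LEN) + entropy(self.SEED_LEN // 2) + personalization)
        self.reseed_counter = 1

    @staticmethod
    def _hmac(key, data):
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided=b""):
        self.K = self._hmac(self.K, self.V + b"\x00" + provided)
        self.V = self._hmac(self.K, self.V)
        if provided:             # second round only when there is provided data
            self.K = self._hmac(self.K, self.V + b"\x01" + provided)
            self.V = self._hmac(self.K, self.V)

    def reseed(self, additional=b""):
        self._update(self.entropy(self.SEED_LEN) + additional)
        self.reseed_counter = 1

    def generate(self, n):
        if n > self.MAX_REQUEST:
            raise ValueError("request exceeds 2**19 bits")
        if self.reseed_counter > self.RESEED_INTERVAL:
            self.reseed()        # fresh OS entropy only at this point
        out = b""
        while len(out) < n:
            self.V = self._hmac(self.K, self.V)
            out += self.V
        self._update()           # state update gives backtracking resistance
        self.reseed_counter += 1
        return out[:n]
```

In the DRBG variant the OS RNG is read at instantiation and at each reseed only, so output quality between reseeds rests on the DRBG state; in the pass-through variant every request depends directly on the OS RNG.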


