[openssl-project] Entropy seeding the DRBG
Richard Levitte
levitte at openssl.org
Wed May 2 03:52:19 UTC 2018
In message <20180501084317.GA32265 at roeckx.be> on Tue, 1 May 2018 10:43:17 +0200, Kurt Roeckx <kurt at roeckx.be> said:
kurt> If you actually follow SP800-90B, you should make a theoretical
kurt> model of how much entropy you expect, and then use the tool
kurt> to verify that your model is correct.
Errrr... look, I'm kind of a rookie in this particular area, so errr,
I'm not sure I have the knowledge to think of a theoretical model.
Given a crash course, I can probably come up with *something*, but at
this moment, I don't know where to start.
A side note to this discussion, the way the rand pool routines are
currently implemented, specifically rand_pool_bytes_needed(), we
cannot handle a source with less than 1 entropy bit per 8 bits of
data. Or well, it can, if that particular routine isn't used, but
considering it's a fairly crucial routine for entropy acquisition, I'd
say it needs a small change. PR coming up.
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-project
mailing list