[openssl-users] Long startup time and poor entropy on Windows due to inefficient heap walking In RAND_poll()

Noel Carboni NCarboni at ProDigitalSoftware.com
Mon Jan 19 15:48:54 UTC 2015


> You should seed OpenSSL's random number generator directly using CryptGenRandom (and other entropy you might have).
> Once the generator is seeded, it won't attempt to auto-seed itself with the RAND_poll gear.

Thank you for that workaround advice, Jeff.  I've passed it on to the folks using the library calls.

The OpenSSL library developers might still want to consider alternate heap walk coding, if for no other reason than for those who
use the library without having seen the wiki page mentioned and knowing they should seed it themselves.  

The library designers may feel the 1 second used in RAND_poll() is time well spent adding up memory blocks, when mostly it's just
wasted.  We measured a 1000 to 1 ratio between the time spent in Heap32Next() retrieving memory block pointers and the time spent
accumulating entropy in RAND_add().

Thanks again.

-Noel

-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Jeffrey Walton
Sent: Mon, January 19, 2015 12:02 AM
To: OpenSSL Users List
Subject: Re: [openssl-users] Long startup time and poor entropy on Windows due to inefficient heap walking In RAND_poll()

You should seed OpenSSL's random number generator directly using CryptGenRandom (and other entropy you might have).

Once the generator is seeded, it won't attempt to auto-seed itself with the RAND_poll gear.

Also see http://wiki.openssl.org/index.php/Random_Numbers. It advises that you seed the generator directly rather than depending on
the library doing it through RAND_poll.

Jeff
