login about faq

Really good randomness is the corner stone of every crypt lib.

Can you please clarify how randomness is achieved in CkCrypt and CkRsa libraries?

Does Ck uses the random generator of underlying OS/API? Or do you use an own algorithm to generate randomness? Do you have internal quality test cases?

Thanx!

asked Jul 25 '13 at 08:18

Marco's gravatar image

Marco
6346


On Windows-based systems, CryptGenRandom is used. (see http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942%28v=vs.85%29.aspx )

On Linux, Mac OS X, and other Unix type systems, Chilkat uses /dev/urandom

link

answered Jul 25 '13 at 20:03

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Out of wikipedia:

A counterpart to /dev/random is /dev/urandom ("unlocked"/non-blocking random source[4]) which reuses the internal pool to produce more pseudo-random bits. This means that the call will not block, but the output may contain less entropy than the corresponding read from /dev/random. While it is still intended as a pseudorandom number generator suitable for most cryptographic purposes, it is not recommended for the generation of long-term cryptographic keys.

Can you please add a possibility to provide an own random function, put own random byte pool to crypt lib and/or enable usage of /dev/random instead of urandom.

/dev/urandom is really not a good choice to generate long lasting RSA keys.

link

answered Sep 14 '13 at 08:18

Marco's gravatar image

Marco
6346

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×47
×33
×4
×3

Asked: Jul 25 '13 at 08:18

Seen: 1,631 times

Last updated: Sep 14 '13 at 08:18

powered by OSQA