[Ach] Fwd: Bug/Ba in OpenSSL

Klaus Darilion klaus.darilion at nic.at
Mon Nov 25 08:35:59 CET 2013

On 25.11.2013 04:36, Aaron Zauner wrote:
> I'm not aware of any projects or code that is using this random number 
> generator of the FIPS module in OpenSSL. There is a lot of unused but 
> still implemented code in OpenSSL. I might be wrong, if so please 
> provide details.
> BTW. Matt Green wrote an insteresting blog post about this RNG: 
> http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html

Maybe it would be useful to add some words about random generators too. 
E.g. practical advices to get good random generators and lots of entropy 
if you need to generate lots of key materials (e.g. tools like entropy 
tokens, haveged, ...)


More information about the Ach mailing list