[Ach] Fwd: Bug/Ba in OpenSSL

Klaus Darilion klaus.darilion at nic.at
Mon Nov 25 08:35:59 CET 2013


On 25.11.2013 04:36, Aaron Zauner wrote:
> I'm not aware of any projects or code that is using this random number 
> generator of the FIPS module in OpenSSL. There is a lot of unused but 
> still implemented code in OpenSSL. I might be wrong, if so please 
> provide details.
>
> BTW. Matt Green wrote an interesting blog post about this RNG: 
> http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html


Maybe it would be useful to add some words about random generators too. 
E.g. practical advice to get good random generators and lots of entropy 
if you need to generate lots of key material (e.g. tools like entropy 
tokens, haveged, ...)

Thanks
Klaus


