[cryptography] Duplicate primes in lots of RSA moduli

Nico Williams nico at cryptonector.com
Thu Feb 16 15:43:54 EST 2012


On Thu, Feb 16, 2012 at 12:00 PM, Ben Laurie <ben at links.org> wrote:
> So, the underlying issue is not a poor design choice in OpenSSL, but
> poor seeding in some applications.

Applications (in the Unix sense) should not be the ones seeding the
system's PRNG.  The system should ensure that there is enough entropy
and seed its own PRNG (and mix in new entropy).  This is why we have
/dev/*random.

(That's not a slight to OpenSSL, FYI.)

Nico
--



More information about the cryptography mailing list