[Opendnssec-develop] True Random Number Generator

Rick van Rein rick at openfortress.nl
Wed Jan 7 14:04:12 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Rickard,

Although you are asking for device support and not for the need for lots
of random bits, please allow me to comment on the need of these devices:

> We at .SE are using the Araneus Alea I (a True Random Number Generator on an USB interface, http://www.araneus.fi/products-alea-eng.html) in our current DNSSEC software. Is there any general interest of supporting this or other similar solutions in the SoftHSM?

A good random source (which cannot be tapped ro replayed) is of the utmost
importance for DSA signing, because every signature needs a fresh random
number.  (If not, and you'd know that two sigs were made with the same
"random" number, they'd reduce to a set of two equations with two unknown
variables, which are trivially solved.  NSA may have forgotten to mention
that when introducing DSA.)

RSA is a different matter.  With that, random material is only needed
when generating keys.  Unless you are signing loads and loads of domains
you need nothing to speed up random generation for that, I'd imagine.
A _good_ source is still advisable of course, and hardware is so incoherent
it produces far better generators than software.

When signing for DNSSEC, the choice between RSA and DSA is easy:
 - RSA keysizes can be increased as security demands;
 - RSA needs no masses of random material when in signing operation;
 - RSA validates much quicker than DSA.

Hope this helps,

Rick van Rein
OpenFortress Digital signatures
http://openfortress.nl/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: New to PGP? http://openfortress.nl/doc/essay/OpenPGP/index.nl.html

iD8DBQFJZLYvFBGpwol1RgYRAsDtAJ9aZlLahiHOhzX4ZJ5ISRsQv35G7ACfSIR/
5afZyfaXCEbjIb1M+feaBG0=
=m4wU
-----END PGP SIGNATURE-----



More information about the Opendnssec-develop mailing list