Posted by Vladas Shukevichus on 01/18/05 23:58
Thanks a lot for such a superb explanation!
It's clear now why OpenSSL gathers entropy for such a long time: it just doesn't have any external source of it.
But I still need my scripts to run as fast as possible :)
It is Windows 2003 + IIS6, so there is no /dev/random device, which OpenSSL uses by default...
Would you be so kind as to point out what can be done to make OpenSSL work on Windows as fast as it works on Unix with a kernel-level entropy source?
18.01.2005 21:20:16
Bret Hughes <bhughes@elevating.com> wrote in message
<1106076016.15123.72.camel@bretsony>
> On Tue, 2005-01-18 at 11:45, Vladas Shukevichus wrote:
> > 18.01.2005 18:06:31
> > Marek Kilimajer <lists@kilimajer.net> wrote in message
> > <41ED3407.7040706@kilimajer.net>
> >
> > > M. Sokolewicz wrote:
> > > > didn't you read what wez said? they're gathering entropy... you *can't*
> > > > (and shouldn't want to) prevent that.
> > > >
> > >
> > > Or get some good entropy source
> >
> > Can you explain this a bit? How can I do this?
> >
>
> Now you're getting back to the "there are only six people in the world
> that understand encryption" deal :)
>
> Entropy in these terms (as I understand it) is a source of randomness
> used by OpenSSL. I believe /dev/random is the source for this on a
> Linux system. Various system events cause random characters to be added
> to the entropy pool that is then accessed via /dev/random. I ran into
> this a couple of years ago setting up a FreeS/WAN link that was taking
> forever (hours) to generate the keys. Turns out that since I was on a
> headless SCSI system there was a severe lack of entropy. At the time,
> IDE hard drive activity, mouse events and possibly keyboard activity
> were the primary inputs into the pool. If your system needs a lot of
> randomness there are various random number generators available.
>
> Do some searching, cryptogeeks take their randomness very seriously. I
> had no idea until I ran into this. The coolest one I found was a
> lava lamp array that had a camera pointed at it and the output was
> massaged to generate the random data. Last I heard, even this was being
> debated as to whether it was random enough.
>
> This is important enough that Via puts a random number generator built
> into the EPIA boards so appliances will have enough of an entropy pool
> to quickly establish VPNs.
>
> Have fun learning about it. I did.
>
> Having said all this, you might try moving the server mouse around
> immediately before and during the transaction to see if it's faster.
>
>
> HTH
>
> Bret