I was wondering if anyone knew if Cisco IOS (that is, the mainline IOS, not the XE or XR trains) had an internal secure random number generator similar to Unix-style /dev/urandom? If so, what is it, and if not, what does e.g. OpenSSL use for seed entropy in Cisco IOS?
YES, Cisco IOS makes use of a PRNG (Pseudo Random Number Generator) in images where encryption features are available.
This applies at least to K8 and K9 IOS image types. Sometimes, this PRNG fails and you get error messages on the console, like this one:
"UTIL-6-RANDOM: A pseudo-random number was generated twice in succession"
Related
Working on a Win32 API GUI application in Modula-2 (ISO) and there does not appear to be a way to generate random numbers in the libraries. Before I roll my own PRNG (for fun simulation purpose only, does not need to be cryptographically sound), is there a way to get a random number from Windows?
Every time I call RAND_bytes and RAND_pseudo_bytes, with the same seed, it returns different random numbers and I don't understand why. It said that the PRNG automatically seeds itself from /dev/urandom in Linux, but how does it work in Windows?
Why does the same seed lead to different random numbers?
You can read about the general design of the rand subsystem at Random Numbers on the OpenSSL wiki. The reason the same seed produces different random numbers is...
It depends on the generator. If you are using the default generator, then you are using md_rand. If you look at the source code for md_rand.c, then you will see rand_bytes adds entropy at each invocation with system calls to functions like time.
On Linux rand_bytes also adds the result of getpid; and on Windows it adds the result of GetSystemTime and SystemTimeToFileTime.
Adding entropy at each invocation is a good design practice for RNGs. Also see "When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities", "Hedging Deployed Cryptography" and "When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments".
I have an embedded device using the standard glibc srand()/rand() functions to generate pseudo-random values. For the same seed x I need to get the same values for rand() on a Windows machine. To my surprise however, this isn't as simple as it seems.
Glibc apparently used two algorithms for its random number generator. An older one, described here, and a newer one, which my embedded device uses. How can I implement the latter on another platform? My knowledge of C isn't thorough enough to understand what exactly is happening there.
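As an added example (not code from the question author and not glibc's source), here is a stand-alone C reimplementation of glibc's newer, default rand()/random() generator (the TYPE_3 additive feedback generator), written from the published algorithm so that it compiles on Windows or any other platform and reproduces glibc's sequence for a given seed. The names glibc_rand_t, glibc_srand, glibc_rand and glibc_rand_nth are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: from-scratch reimplementation of glibc's default (TYPE_3,
 * additive feedback) rand() generator, so the same seed yields the same
 * sequence on another platform. Written from the published algorithm:
 *   r[0]      = seed (0 is treated as 1)
 *   r[1..30]  = 16807 * r[i-1] mod (2^31 - 1)
 *   r[31..33] = r[0..2]
 *   r[i]      = r[i-31] + r[i-3] (mod 2^32) for i >= 34
 *   output k  = r[k + 344] >> 1   (glibc discards the first 310 outputs)
 * Names below are this example's own, not glibc identifiers. */

#define RING 34   /* r[i] depends on r[i-3] and r[i-31]; 34 slots suffice */

typedef struct {
    int32_t r[RING];   /* ring buffer holding the last 34 values r[i] */
    int pos;           /* slot that the next value r[i] will occupy (i mod 34) */
} glibc_rand_t;

/* Produce the next 31-bit output: r[i] = r[i-31] + r[i-3] (mod 2^32), >> 1. */
int32_t glibc_rand(glibc_rand_t *g)
{
    /* slot pos+3 holds r[i-31] and slot pos+31 holds r[i-3] (indices mod 34) */
    uint32_t v = (uint32_t)g->r[(g->pos + 3) % RING]
               + (uint32_t)g->r[(g->pos + 31) % RING];
    g->r[g->pos] = (int32_t)v;
    g->pos = (g->pos + 1) % RING;
    return (int32_t)(v >> 1);      /* glibc drops the least random bit */
}

/* Seed the state the way glibc's srandom_r does for the TYPE_3 generator. */
void glibc_srand(glibc_rand_t *g, uint32_t seed)
{
    int i;
    if (seed == 0) seed = 1;                 /* glibc treats seed 0 as 1 */
    g->r[0] = (int32_t)seed;
    /* r[1..30] = 16807 * r[i-1] mod (2^31 - 1), via Schrage's method
     * (avoids overflowing 32 bits; intermediate products fit in int32) */
    for (i = 1; i < 31; i++) {
        int32_t hi = g->r[i - 1] / 127773;
        int32_t lo = g->r[i - 1] % 127773;
        int32_t word = 16807 * lo - 2836 * hi;
        if (word < 0) word += 2147483647;
        g->r[i] = word;
    }
    for (i = 31; i < 34; i++)                /* r[31..33] = r[0..2] */
        g->r[i] = g->r[i - 31];
    g->pos = 0;                              /* next value is r[34] */
    for (i = 0; i < 310; i++)                /* glibc discards 10*31 outputs */
        (void)glibc_rand(g);
}

/* Convenience: the n-th (0-based) value rand() returns after srand(seed). */
int32_t glibc_rand_nth(uint32_t seed, int n)
{
    glibc_rand_t g;
    glibc_srand(&g, seed);
    while (n-- > 0)
        (void)glibc_rand(&g);
    return glibc_rand(&g);
}

int main(void)
{
    glibc_rand_t g;
    int i;
    glibc_srand(&g, 1);
    /* On a glibc system these five values match srand(1); rand(); ... */
    for (i = 0; i < 5; i++)
        printf("%d\n", (int)glibc_rand(&g));
    return 0;
}
```

To check the port against the embedded device, seed both with the same value and compare the first few outputs; with seed 1 glibc's rand() starts with 1804289383, 846930886, 1681692777, which this code reproduces. Note that glibc's rand() is the same generator as random(), so the port covers both.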
We need to migrate to a better RNG or RBG for some key value generation which will be further used for encryption of the data.
Which will be the most suitable algorithm? Shall I consider NIST doc for this?
Any pseudo random number generator that produces a Gaussian distribution and that has a wide output (say at least 32 bits) should be enough for creating keys. It's up to you to determine your needs and then find a matching RNG.
For more info, see http://www.random.org/randomness.
Depending on the language you choose to implement this, I'm sure you can find source code for pseudo-RNG on the Web, if the one built-in into your system isn't good enough.
As we are a programming site, I would seriously look at the secure random number generators at your disposal in your particular runtime environment. In general you will have to rely on system resources to generate randoms, at least to seed the pseudo random number generator. The only possible exception is CPU specific random instructions, such as the ones used on the latest Intel CPUs (hopefully well-tested secure RNGs will become a main feature of CPUs).
Within many programming environments there is very little choice but to use OpenSSL or /dev/random for seeding. In general it is hard to find useful information about the random number generator. Sometimes the RNG is really not suitable at all (e.g. the native PHP version).
If possible, try to find something that conforms to NIST requirements.
I want to produce a random cryptographic key on Windows. Where can I obtain entropy?
I would like my entropy function to work without a network connection and to be reliable on Windows 2000 and upwards. Even sources which may or may not provide a small amount of entropy could be useful as all the sources will be pooled.
This is my initial list of functions:
GetCurrentProcessID,
GetCurrentThreadID,
GetTickCount,
GetLocalTime,
QueryPerformanceCounter,
GlobalMemoryStatus,
GetDiskFreeSpace,
GetComputerName,
GetUserName,
GetCursorPos,
GetMessageTime,
GetSystemInfo,
CryptGenRandom,
GetProcessHandleCount,
GetProcessMemoryInfo.
Although early versions of the CryptGenRandom function may contain weaknesses, later versions follow secure standards (see the remarks on the CryptGenRandom page).
It is weak to just use time as your seed. There is an answer under What is the most secure seed for random number generation? which explains that the unpredictable random seed may only need 128 bits to produce a secure PRNG. It is therefore probably unnecessary to find more sources than those listed in the question, and normally the CryptGenRandom function will already contain and generate enough entropy for itself that the caller does not need to do any of this.
CryptGenRandom and the function CryptAcquireContext, which must precede it, can be called from Delphi like this.
If it's an option you can ask the user to move the mouse pointer for a while.
The only external source that most machines have is Mic In/Line In, call waveInOpen+waveInPrepareHeader+waveInAddBuffer+waveInStart. How random that is probably depends on the hardware...