Re: key material

["Greg Kilford" <greg_kilford () hotmail com>]

Our discussion of A is as a generic bit stream of assumingly random nature 
from an arbitrary source, eg. mouse movements, etc.  But seriously speaking, 
it could be anything.  More importantly, what size of A would suffice in 
seeding the PRNG sufficiently for the output stream O after the seeding 
would be of sufficient entropy for RSA 1024/2048 modulo key materials.  Some 
of us are inclined to believe A should be of size/length 1024/2048 bits 
before the PRNG is seeded sufficiently while a few
of my pals are suggesting 64/128 or even 192 bits would suffice.  Very 
disparate gut feelings...


> From: Peter Conrad <conrad () tivano de>
> To: webappsec () securityfocus com
> Subject: Re: key material
> Date: Fri, 23 Apr 2004 10:05:23 +0200
>
> Hi,
>
> On Thu, Apr 22, 2004 at 11:29:36AM -0600, Greg Kilford wrote:
> >
> > I was juz discussing with my pals the other day on the appropriate 
> initial
> > input bit size to seed a PRNG of the structure below for it to be used 
> to
> > generate the random bits for RSA key material of modulus 1024 bits or 
> 2048
> > bits.  Anyone know what would be the ideal length/size of A so that 
> there
> > is sufficient entropy to generate the key material for RSA 1024/2048 
> bits
> > keys?
>
> that'll depend on how you use the output of the PRNG to generate an RSA 
> key.
> As a general rule I'd say A should have one bit of entropy for every bit
> of O that you use. You didn't tell us anything about how A is constructed,
> so we can't say how long it should be.
>
> Bye,
>         Peter
> --
> Peter Conrad                        Tel: +49 6102 / 80 99 072
> [ t]ivano Software GmbH             Fax: +49 6102 / 80 99 071
> Bahnhofstr. 18                      http://www.tivano.de/
> 63263 Neu-Isenburg
>
> Germany

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online 
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963