Windows中OpenSSL的PRNG如何工作?
[英]How does the OpenSSL‘s PRNG works in Windows?
问题描述
Every time I call RAND_bytes and RAND_pseudo_bytes , with the same seed, it returns different random numbers and I don't understand why. 
每次我用相同的种子调用RAND_bytes和RAND_pseudo_bytes ,它返回不同的随机数,我不明白为什么。 It said that the PRNG automatically seeds itself from /dev/urandom in Linux, but how does it work in Windows? 它说PRNG在Linux中自动从/dev/urandom播种,但是在Windows中它如何工作?
Why does the same seed lead to different random numbers? 为什么同一个种子会导致不同的随机数?
1 个解决方案
解决方案1
-1 2017-05-10 02:08:55
Why does the same seed lead to different random numbers?
You can read about the general design of the rand subsystem at Random Numbers on the OpenSSL wiki. 您可以在OpenSSL Wiki上的随机数中了解有关rand子系统的一般设计。 The reason the same seed produces different random numbers is... 同一种子产生不同随机数的原因是...
It depends on the generator. 这取决于发电机。 If you are using the default generator, then you are using md_rand . 如果使用默认生成器,则使用md_rand 。 If you look at the source code for md_rand.c , then you will see rand_bytes adds entropy at each invocation with system calls to functions like time . 如果您查看md_rand.c的源代码 ,那么您将看到rand_bytes在每次调用时都增加了熵,并带有对诸如time函数的系统调用。
On Linux rand_bytes also adds the result of getpid ; 在Linux上, rand_bytes还添加了getpid的结果; and on Windows it adds the result of GetSystemTime and SystemTimeToFileTime . 在Windows上,它会添加GetSystemTime和SystemTimeToFileTime的结果。
Adding entropy at each invocation is a good design practice for RNGs. 对于RNG,在每次调用时添加熵是一个好的设计实践。 Also see When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography and When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments . 另请参见何时良好的随机性变得很糟糕:虚拟机重置漏洞和对冲已部署的加密技术以及何时虚拟性比真实困难:基于虚拟机的计算环境中的安全性挑战 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.