How does the OpenSSL‘s PRNG works in Windows?
Question
Every time I call RAND_bytes and RAND_pseudo_bytes , with the same seed, it returns different random numbers and I don't understand why. It said that the PRNG automatically seeds itself from /dev/urandom in Linux, but how does it work in Windows?
Why does the same seed lead to different random numbers?
1 answers
solution1
-1 2017-05-10 02:08:55
Why does the same seed lead to different random numbers?
You can read about the general design of the rand subsystem at Random Numbers on the OpenSSL wiki. The reason the same seed produces different random numbers is...
It depends on the generator. If you are using the default generator, then you are using md_rand . If you look at the source code for md_rand.c , then you will see rand_bytes adds entropy at each invocation with system calls to functions like time .
On Linux rand_bytes also adds the result of getpid ; and on Windows it adds the result of GetSystemTime and SystemTimeToFileTime .
Adding entropy at each invocation is a good design practice for RNGs. Also see When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography and When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.