bionknow.blogg.se - Pwgen in java

#Pwgen in java generator#
#Pwgen in java manual#
#Pwgen in java full#

In particular, what you may want is one or several sources of TRNG (True Random Number Generator), ie. So, security-wise, your main concern here may not be which one from OpenSSL or /dev/urandom to use (especially when you know now that the former relies on the latter behind the scene), but to ensure the quality of the seeding. The unpredictability of the produced numbers is therefore directly dependent on the unpredictability of the seeds.

Weakness: as their name state they both are pseudo random number generator, meaning they both are deterministic algorithms which, given the same seeds, will produce the same output.

Strength: both are mature and well audited code generally accepted as cryptographically secure PRNG,.

However, the fact is that in most cases both will share the same strengths and weaknesses:

#Pwgen in java full#

This could most probably fill a volume full of mathematical formulas, and to make it worse OpenSSL and the Linux PRNG are not independent since OpenSSL will use /dev/urandom as a default seed, and there are ongoing work to provide an alternative PRNG for Linux (you can see Stephan Müller work on the subject here and there and also his discussions on the linux kernel mailing list). You seem to ask for a comparative study on the PRNG (pseudo-random number generators) used by default by OpenSSL and the Linux kernel. Is OpenSSL help suggesting to use pkcs#8 for generating both the private and public key or only for generating the public key from the private key?ĭo you suggest any other method to generate more secure asymmetric keys? Note this command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the pkcs8 utility. They can be converted between various forms and their components printed out. Now when I read OpenSSL help regarding rsa it says: Public key generation from private key: openssl rsa -in keyfile.key -pubout -out keyfile.pub Private key generation: openssl genrsa -out keyfile.key 4096 However we have seed enough entropy to generate more secure random number.Ĭan we ask OpenSSL to take random number from /dev/urandom? Asymmetric key

#Pwgen in java manual#

Which method is more random, Method 1 or Method 2? I am inclined to think that Method 2 is random enough and the manual page of random, urandom suggest to use urandom in case one is not sure about it. Method 3: cat /dev/random | head -n 128 > sym_keyfile.key Method 2: cat /dev/urandom | head -n 128 > sym_keyfile.key 128, 192 or 256, affect encryption and decryption? Is is only time taken for encryption and decryption? Method 1: openssl rand 128 > sym_keyfile.key Now regarding generation of the symmetric key and asymmetric keys (mainly in Bash script) I have the following doubts. I refer to this blog for hybrid encryption idea. symmetric for encryption big firmware file and asymmetric for encrypting symmetric key file. Import are using Beaglebone Black based custom board, and want to use hybrid encryption for encrypting firmware file, i.e.

#Pwgen in java generator#

This solution will generate random password using SUN java access manager password generator plugin and the password will be saved to corresponding user attribute