Tjyylli

Random body shuffle every night—can we still function?

What would you call this weird metallic apparatus that allows you to lift people?

Why is it faster to reheat something than it is to cook it?

What are the main differences between Stargate SG-1 cuts?

New Order #6: Easter Egg

Why complex landing gears are used instead of simple,reliability and light weight muscle wire or shape memory alloys?

Does the Black Tentacles spell do damage twice at the start of turn to an already restrained creature?

Positioning dot before text in math mode

Asymptotics question

Can an iPhone 7 be made to function as a NFC Tag?

Should a wizard buy fine inks every time he want to copy spells into his spellbook?

Relating to the President and obstruction, were Mueller's conclusions preordained?

How much damage would a cupful of neutron star matter do to the Earth?

Is there hard evidence that the grant peer review system performs significantly better than random?

The Nth Gryphon Number

Does the Mueller report show a conspiracy between Russia and the Trump Campaign?

Central Vacuuming: Is it worth it, and how does it compare to normal vacuuming?

After Sam didn't return home in the end, were he and Al still friends?

How does light 'choose' between wave and particle behaviour?

Differences to CCompactSize and CVarInt

Monty Hall Problem-Probability Paradox

How do living politicians protect their readily obtainable signatures from misuse?

What initially awakened the Balrog?

How to write capital alpha?

Is openssl rand command cryptographically secure?

5

$begingroup$

I'm wondering if the openssl rand command produces cryptographically secure random bytes. For example when in need for a random password or token:

openssl rand -hex 32

The man page unfortunately does neither state it's cryptographically secure, nor that it's not.

On the one hand, I think this is openssl, its sole purpose is to do cryptography. On the other hand, the man page states something about reading and writing seed data instead of directly querying a CSPRNG.

So it is somewhat unclear for the end user. Does someone know?

random-number-generator openssl

share|improve this question

asked 8 hours ago

firefexxfirefexx

1624

$endgroup$

add a comment | 

5

$begingroup$

I'm wondering if the openssl rand command produces cryptographically secure random bytes. For example when in need for a random password or token:

openssl rand -hex 32

The man page unfortunately does neither state it's cryptographically secure, nor that it's not.

On the one hand, I think this is openssl, its sole purpose is to do cryptography. On the other hand, the man page states something about reading and writing seed data instead of directly querying a CSPRNG.

So it is somewhat unclear for the end user. Does someone know?

random-number-generator openssl

share|improve this question

asked 8 hours ago

firefexxfirefexx

1624

$endgroup$

add a comment | 

$begingroup$

I'm wondering if the openssl rand command produces cryptographically secure random bytes. For example when in need for a random password or token:

openssl rand -hex 32

The man page unfortunately does neither state it's cryptographically secure, nor that it's not.

On the one hand, I think this is openssl, its sole purpose is to do cryptography. On the other hand, the man page states something about reading and writing seed data instead of directly querying a CSPRNG.

So it is somewhat unclear for the end user. Does someone know?

random-number-generator openssl

share|improve this question

asked 8 hours ago

firefexxfirefexx

1624

$endgroup$

openssl rand -hex 32

share|improve this question

asked 8 hours ago

firefexxfirefexx

1624

share|improve this question

asked 8 hours ago

firefexxfirefexx

1624

asked 8 hours ago

firefexxfirefexx

1624

asked 8 hours ago

firefexxfirefexx

1624

1 Answer
1

active

oldest

votes

5

$begingroup$

Yes, it is cryptographically secure, pseudo random output, seeded by retrieving secure random data from the operating system.

If it is random or not depends on the fact if the OS RNG is random. This is usually the case on normal desktops, but you'd better be sure for e.g. limited embedded systems. If no truly random data can be retrieved - according to RAND_bytes - then rand will exit with an error.

---

Any random source that you add using -rand [file][:file]* is used as additional seed data - in other words, the output will always be random, even if you supply the same seed.

As the pseudo random generator provided by OpenSSL generally runs in the application space on the main thread, it may be faster than asking a lot of data from /dev/urandom. But to be honest, most of the time using /dev/urandom suffices (and current implementations are pretty fast as well).

---

You can see that it is random when you look at the link to the RAND_bytes manual page which is the function that lies behind command line rand and is linked to from the manual page (in the "see also section, but yeah"):

RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf. An error occurs if the PRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.

That RAND_bytes() is used can be found in the source file for the rand command, rand.c, so yes, this is indeed the function that is called.

share|improve this answer

edited 6 hours ago

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196

$endgroup$

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "281"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68919%2fis-openssl-rand-command-cryptographically-secure%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

5

$begingroup$

Yes, it is cryptographically secure, pseudo random output, seeded by retrieving secure random data from the operating system.

If it is random or not depends on the fact if the OS RNG is random. This is usually the case on normal desktops, but you'd better be sure for e.g. limited embedded systems. If no truly random data can be retrieved - according to RAND_bytes - then rand will exit with an error.

---

Any random source that you add using -rand [file][:file]* is used as additional seed data - in other words, the output will always be random, even if you supply the same seed.

As the pseudo random generator provided by OpenSSL generally runs in the application space on the main thread, it may be faster than asking a lot of data from /dev/urandom. But to be honest, most of the time using /dev/urandom suffices (and current implementations are pretty fast as well).

---

You can see that it is random when you look at the link to the RAND_bytes manual page which is the function that lies behind command line rand and is linked to from the manual page (in the "see also section, but yeah"):

RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf. An error occurs if the PRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.

That RAND_bytes() is used can be found in the source file for the rand command, rand.c, so yes, this is indeed the function that is called.

share|improve this answer

edited 6 hours ago

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196

$endgroup$

add a comment | 

5

$begingroup$

Yes, it is cryptographically secure, pseudo random output, seeded by retrieving secure random data from the operating system.

If it is random or not depends on the fact if the OS RNG is random. This is usually the case on normal desktops, but you'd better be sure for e.g. limited embedded systems. If no truly random data can be retrieved - according to RAND_bytes - then rand will exit with an error.

---

Any random source that you add using -rand [file][:file]* is used as additional seed data - in other words, the output will always be random, even if you supply the same seed.

As the pseudo random generator provided by OpenSSL generally runs in the application space on the main thread, it may be faster than asking a lot of data from /dev/urandom. But to be honest, most of the time using /dev/urandom suffices (and current implementations are pretty fast as well).

---

You can see that it is random when you look at the link to the RAND_bytes manual page which is the function that lies behind command line rand and is linked to from the manual page (in the "see also section, but yeah"):

RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf. An error occurs if the PRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.

That RAND_bytes() is used can be found in the source file for the rand command, rand.c, so yes, this is indeed the function that is called.

share|improve this answer

edited 6 hours ago

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196

$endgroup$

add a comment | 

$begingroup$

Yes, it is cryptographically secure, pseudo random output, seeded by retrieving secure random data from the operating system.

If it is random or not depends on the fact if the OS RNG is random. This is usually the case on normal desktops, but you'd better be sure for e.g. limited embedded systems. If no truly random data can be retrieved - according to RAND_bytes - then rand will exit with an error.

---

Any random source that you add using -rand [file][:file]* is used as additional seed data - in other words, the output will always be random, even if you supply the same seed.

As the pseudo random generator provided by OpenSSL generally runs in the application space on the main thread, it may be faster than asking a lot of data from /dev/urandom. But to be honest, most of the time using /dev/urandom suffices (and current implementations are pretty fast as well).

---

You can see that it is random when you look at the link to the RAND_bytes manual page which is the function that lies behind command line rand and is linked to from the manual page (in the "see also section, but yeah"):

RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf. An error occurs if the PRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.

That RAND_bytes() is used can be found in the source file for the rand command, rand.c, so yes, this is indeed the function that is called.

share|improve this answer

edited 6 hours ago

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196

$endgroup$

share|improve this answer

edited 6 hours ago

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196

answered 7 hours ago

Maarten Bodewes♦Maarten Bodewes

56.1k679196