[cabfpub] Definition of Random Value on draft ballot re new domain validation methods
Gervase Markham
gerv at mozilla.org
Tue May 5 13:24:14 UTC 2015
On 05/05/15 02:37, kirk_hall at trendmicro.com wrote:
> The problem is, one of the most common random number generating tool is
> the MS GUID generator, and my understanding is that it falls just short
> of 128 bits of entropy.
>
> http://en.wikipedia.org/wiki/Globally_unique_identifier
>From the Wikipedia article "Cryptanalysis of the WinAPI GUID generator
shows that, since the sequence of V4 GUIDs is pseudo-random, given full
knowledge of the internal state, it is possible to predict previous and
subsequent values."
Given that GUIDs can be both randomly and non-randomly generated, and
given that the RNG used is not necessarily cryptographically strong, it
seems an unwise thing to change the standard to accommodate GUIDs.
While we don't plan to mandate details of the RNG, I would hope that all
CAs would be using cryptographically strong RNGs to generate any
randomness required at any point in their cert-creation operations.
Gerv
More information about the Public
mailing list