Created Mar 20, 2017
Test OpenSSL RSA Random Number Generator
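#!/bin/bash
# -- @DefuseSec
# Start with an empty output file.
echo -n >/tmp/primes.txt
# Generate 1000 primes (500 keys, two primes per key).
for i in {1..500}; do
    # Use 192-bit keys for speed (could potentially mask RNG bugs that only affect bigger keys)
    # The sed 'N;s/:\n//g' stages join the wrapped hex lines so each prime ends up on one line.
    openssl genrsa 192 2>/dev/null | \
    openssl rsa -text 2>/dev/null | \
    sed 'N;s/:\n//g' | sed 'N;s/:\n//g' | sed 'N;s/:\n//g' | sed 'N;s/:\n//g' | sed 'N;s/:\n//g' | \
    grep prime | sed 's/prime[12]//g' | sed 's/[ :]//g' >> /tmp/primes.txt
done
# Show the ten most frequent primes; any count above 1 is a duplicate.
sort /tmp/primes.txt | uniq -c | sort -snr | head -n 10
echo "..."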

@defuse defuse commented Mar 21, 2017

I ran it for 100,000 total primes on up-to-date Debian and Arch and there were no duplicates found. I'll run it for 1,000,000 total primes just to see.

The slide that inspired me to write this seemed to need 10s of millions of primes to see a collision though.
