When do I need to randomize?

Discussion of open issues, suggestions and bugs regarding network security and data protection solution - SecureBridge
Post Reply
zd
Posts: 78
Joined: Sun 01 Jul 2007 13:16

When do I need to randomize?

Post by zd » Wed 10 Nov 2010 22:41

Hi!

I've read the documentation and looked at the examples, but I still don't understand when I will need randomizations in my program. (like the example with the random mouse movements)

Do I need to randomize when generating client/server keys?

If both the client and the server have the keys already (they are transferred offline) do I need to randomize each time before making a connection?

Thanks!
Top
Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Fri 12 Nov 2010 15:01

You need to perform randomization when you are generating client/server keys and before you are making a connection.
When establishing a connection to the SSH server, random numbers for creating session keys (not client/server keys) are generated. These keys will be used in the data encryption algorithms. For getting random numbers, pseudo random number generators are used. Before using the pseudo random number generator, you should initialize it, by setting a start seed value.
Top
zd
Posts: 78
Joined: Sun 01 Jul 2007 13:16

Post by zd » Sat 13 Nov 2010 16:44

Thank you for the information.

If I can't have any user input for randomization (mouse movements, pressing keys, etc.) what can I do?

If I don't call Randomize at all, will the key generating and the session generating algorythms automatically call it?
Top
Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Tue 16 Nov 2010 13:50

When you don't call Randomize, SecureBridge performes randomization basing on the system timer readout.
Top
Post Reply

Return to “SecureBridge”