This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Neels Hofmeyr nhofmeyr at sysmocom.deOn Wed, Sep 27, 2017 at 07:57:43PM +0800, Harald Welte wrote: > For TMSI allocation, my "cryptographic gut feeling"[tm] is that something > like rand() or any other pseudo-random generator of significantly large > period is sufficient *if* it is seeded by a non-predictable value. So > something like seeding with getrandom() result should be fine? Also matches my gut feeling there. Might also make sense to periodically re-seed from /dev/urandom / getrandom(), like every 100 TMSIs, or based on a timeout might be easier to implement. > For long-term stable key (Ki/Op) generation for provisioning SIM cards + > populating a HLR, I would certainly opt for using stronger randomness > sources. However, I don't think we actually implement that anywhere, do > we? what does openssh use for public/private keypair generation? > What do you guys think? Is there somebody on this list more > cryptographically qualified to give us proper guidance? If you know > somebody skilled who might want to help but is not on this list, would > you invite them to join this discussion? I don't count myself as one of them, help is still appreciated. ~N -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://lists.osmocom.org/pipermail/openbsc/attachments/20170927/d221d3f4/attachment.bin>