If openssl uses a lot of CPU then it is not blocked waiting for "entropy". OpenSSL is actually sane in that respect, and uses a cryptographically secure PRNG to extend an initial seed into as many bits as it needs.

When you use dhparam, OpenSSL not only generates DH parameters; it also wants to assert its social status by taking care to use for the modulus a so-called "strong prime", which is useless for security but requires an awful lot more computational effort. A "strong prime" is a prime p such that (p-1)/2 is also prime. The prime generation algorithm looks like this:

1. Generate a random odd integer p.
2. Test whether p is prime. If not, loop.
3. Test whether (p-1)/2 is prime. If not, loop.

Random odd 4096-bit integers have a probability of about 1/2000 of being prime, and since both p and (p-1)/2 must be prime, this will need on average generating and testing for primality about 4 million odd...
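The generate-then-test loop described in the answer, as an added illustration (not OpenSSL's code and not part of the original answer): a Miller-Rabin test and a loop that keeps drawing random odd candidates until both p and (p-1)/2 pass, counting how many candidates it had to try. Bit sizes and round counts are my own choices for a quick run; real DH parameters use far larger sizes.

```python
import random


def is_probable_prime(n: int, rounds: int = 32, rng=random.SystemRandom()) -> bool:
    """Miller-Rabin probabilistic primality test (error <= 4**-rounds)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    # Write n - 1 = 2**r * d with d odd.
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness: n is composite
    return True


def is_safe_prime(p: int) -> bool:
    """The property the answer calls a 'strong prime': p and (p-1)/2 both prime."""
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def generate_safe_prime(bits: int, rng=random.SystemRandom()):
    """Loop from the answer: random odd p, test p, then test (p-1)/2.

    Returns (p, candidates_tried) so the cost of the double test is visible.
    """
    tried = 0
    while True:
        tried += 1
        # Force the top bit (exact size) and the low bit (odd).
        p = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if not is_probable_prime(p):
            continue
        if is_probable_prime((p - 1) // 2):
            return p, tried
```

Running generate_safe_prime(64) a few times shows candidate counts in the hundreds to low thousands; the answer's 4096-bit figure grows from the same loop.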