Hi group,

I have a C program that does peer to peer functions. I am using RSA PKI to encrypt the packets. I need to be able to generate the same PKI keys on both machines. So I don't want to use a random seed. RSA_generate_key() calls random. Is there another API I can use that does not use random?

Thanks for your time.

Wouldn't it be better to use the public-key encryption to send a common (random) passphrase, and then use symmetric encryption for the data itself? IIRC this is how SSL works.

(DISCLAIMER: I'm a total newbie at the moment. Take everything I say with several grains of salt.)

Just save yourself a lot of trouble and set up a VPN connection or an SSH tunnel between the two machines ... using digital certificates to secure the link.

If you are using PKI and feel the need to have "identical keys on both machines," you're missing the entire point ... barking up the wrong tree, as they say. Step back from your strategy and take a closer look. Or, describe what you're doing on this forum so that others can help you to use PKI more effectively.

Basically ... I think that you shouldn't have to "cobble up your own" solution here. (Actum Ne Agas: Do Not Do A Thing Already Done.™) And that, if for some reason you do, you're definitely not using PKI in the manner that its designers intended. Don't keep banging your head against this problem, because it's the wrong problem.

1 members found this post helpful.