Hi Everyone,
Just a quick public service announcement for DUHK attacks (https://duhkattack.com/).
The default random number generator for the library is AutoSeededRandomPool. It is an AES-based, PGP-style generator that takes its seed from the OS's entropy pool. The pool sources are /dev/random, /dev/urandom or CryptGenRandom.
The FIPS DLL used AutoSeededX917RNG<AES>, but the seed was taken from the OS pool rather than from the time. The pool sources are the same: /dev/random, /dev/urandom or CryptGenRandom. You should be OK as long as you allowed the generator to seed itself with OS_GenerateRandomBlock. If you supplied a time-based seed then you could be in trouble.
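To make the OS-pool-versus-time distinction concrete, here is an added example (not Crypto++ code and not part of this message) that compares the two seeding paths and shows a check a reviewer can apply. It does not depend on the library: std::random_device plays the role of OS_GenerateRandomBlock, std::mt19937_64 stands in for the AES-based generator, and the 128-bit entropy target, the "one-second clock within a one-day window" model, and all function names are assumptions made for the illustration.

```cpp
// Added example, not Crypto++ code: compares OS-pool seeding with clock seeding
// and rejects seeds that cannot carry the generator's security target.
#include <chrono>
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <random>
#include <stdexcept>
#include <vector>

using SeedBytes = std::vector<std::uint8_t>;

// Where a seed came from decides how much the generator can be trusted.
enum class SeedOrigin { OsPool, Clock };

struct Seed {
    SeedBytes bytes;
    SeedOrigin origin;
    double entropyBits;   // conservative estimate of unpredictability
};

// Strong path: every byte from the OS pool. std::random_device reads /dev/urandom
// (or the platform equivalent) and plays the role of OS_GenerateRandomBlock here.
Seed seedFromOs(std::size_t n) {
    std::random_device rd;
    SeedBytes out(n);
    std::size_t i = 0;
    while (i < n) {
        unsigned int word = rd();
        for (int b = 0; b < 4 && i < n; ++b, ++i)
            out[i] = static_cast<std::uint8_t>(word >> (8 * b));
    }
    return Seed{out, SeedOrigin::OsPool, 8.0 * static_cast<double>(n)};
}

// Entropy bound for a clock-derived seed (assumed model): an outsider who knows the
// process started within `windowSeconds`, on a clock with `ticksPerSecond`
// resolution, faces at most window*ticks candidate seeds. The rest is padding.
double clockSeedEntropyBits(double windowSeconds, double ticksPerSecond) {
    return std::log2(windowSeconds * ticksPerSecond);
}

// Weak path: the seed is the timestamp, little-endian, zero-padded to `n` bytes.
Seed seedFromClock(std::size_t n, std::int64_t ticks,
                   double windowSeconds, double ticksPerSecond) {
    SeedBytes out(n, 0);
    for (std::size_t i = 0; i < n && i < sizeof(ticks); ++i)
        out[i] = static_cast<std::uint8_t>(static_cast<std::uint64_t>(ticks) >> (8 * i));
    return Seed{out, SeedOrigin::Clock, clockSeedEntropyBits(windowSeconds, ticksPerSecond)};
}

// Policy check: the seed must carry at least the generator's security target.
// 128 bits is the AES-128 key strength of the generators discussed above.
bool seedAcceptable(const Seed& s, double targetBits = 128.0) {
    return s.entropyBits >= targetBits;
}

// Stand-in for an auto-seeded generator: refuses a seed that fails the policy
// instead of silently producing guessable output.
class GuardedGenerator {
public:
    explicit GuardedGenerator(const Seed& s) {
        if (!seedAcceptable(s))
            throw std::invalid_argument("seed entropy below 128-bit target; use the OS pool");
        std::seed_seq seq(s.bytes.begin(), s.bytes.end());
        engine_.seed(seq);
    }
    std::uint64_t next() { return engine_(); }
private:
    std::mt19937_64 engine_;
};

// The recommended construction: let the generator seed itself from the OS pool.
GuardedGenerator makeOsSeededGenerator() {
    return GuardedGenerator(seedFromOs(32));
}

// Returns true when a clock seed is rejected, which is the behaviour we want.
bool clockSeedIsRejected() {
    auto now = std::chrono::duration_cast<std::chrono::seconds>(
                   std::chrono::system_clock::now().time_since_epoch()).count();
    // One-second clock, process known to have started within the last day.
    Seed weak = seedFromClock(32, static_cast<std::int64_t>(now), 86400.0, 1.0);
    try {
        GuardedGenerator g(weak);
        (void)g;
        return false;
    } catch (const std::invalid_argument&) {
        return true;
    }
}
```

The numbers are the point: a one-second clock over a one-day window yields about 16 bits of unpredictability, and even millisecond resolution stays near 26 bits, far short of the 128 bits a 32-byte OS seed trivially exceeds. A wrapper that checks the seed's provenance before the first output turns "you could be in trouble" into a construction-time failure rather than a silent weakness.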
Also see the DefaultAutoSeededRNG class and AutoSeededX917RNG<BLOCK_CIPHER>::Reseed() in https://github.com/weidai11/cryptopp/blob/master/osrng.h, and https://www.cryptopp.com/wiki/RandomNumberGenerator on the wiki.
Jeff