Solved

What is HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed and what is it used for?

Posted on 2004-04-07
9
39,533 Views
Last Modified: 2011-08-18
What is HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed and what is it used for?
0
Comment
Question by:johnqgalt
  • 3
  • 2
9 Comments
 
LVL 1

Accepted Solution

by:
20LILY00 earned 250 total points
ID: 10784003
0
 

Assisted Solution

by:ometecuhtli2001
ometecuhtli2001 earned 250 total points
ID: 10784363
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed is a seed for a cryptographic random number.  There are two ways to generate seeds for random numbers in cryptography:  using hardware and using software.  Hardware-based number generation involves connecting special hardware to the computer, which is dedicated to crypto applications.  This registry key appears to be for the software-based method.  The CSP's or cryptographic service providers are able to use this (for example) when generating a password hash.  If you open up c:\winnt\system32\rsabase.dll and do a search for "crypto" you will come across a reference to HKLM\SOFTWARE\Microsoft\Cryptography\RNG.  This particular DLL is the base cryptographic provider which appears to provide RSA encryption, possibly in support of other CSP's, but don't quote me on that. :-)
0
 

Author Comment

by:johnqgalt
ID: 10789201
Thank you for your comments. Can you please explain why  HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed is so frequently used by applications which do not even use crypto? For example, opening a simple application like MS Paint or metapad results in 6 or 7 "set value" actions in this key. Why is that?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Expert Comment

by:ometecuhtli2001
ID: 10795442
I just checked my copy of mspaint.exe (running Windows XP v2002) and I didn't find any occurrence of "crypto" or "seed."  Maybe a DLL it calls does this as part of its initialization routine or there's something wrong with your mspaint.exe (i.e., infection).  As it was, I had to dig hard and deep to even come up with what little info I was able to give you.  This is probably a question for Microsoft support, and quite frankly I'd be very surprised if they had an even halfway satisfactory answer, because the support people probably don't even know and they work for the company that writes the software!  I run Windows 2000 SP4 at work - I'll be sure to check there on Monday.
0
 

Expert Comment

by:ometecuhtli2001
ID: 10810062
I just checked mspaint on my work system (Windows 2000 SP4) and there is no mention of crypto, seed or RNG in it.
0
 

Author Comment

by:johnqgalt
ID: 10835589
Thanks for your followup, ometecuhtli2001. Try running <a href="http://www.sysinternals.com/ntw2k/source/regmon.shtml">regmon</a> and then opening MS Paint (I tested on Windows 2000). It will SetValue 6 or 7 times in that key. I would like to know why.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing MS Windows 2003 Server product key 6 327
Syteline and a new domain controller 4 727
Recreate New ADC 1 283
Corrupted W2K  serverregistry 2 157
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes how to reset your Windows 10 password when you've forgotten it.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question