Solved

What is HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed and what is it used for?

Posted on 2004-04-07
9
39,411 Views
Last Modified: 2011-08-18
What is HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed and what is it used for?
0
Comment
Question by:johnqgalt
  • 3
  • 2
9 Comments
 
LVL 1

Accepted Solution

by:
20LILY00 earned 250 total points
ID: 10784003
0
 

Assisted Solution

by:ometecuhtli2001
ometecuhtli2001 earned 250 total points
ID: 10784363
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed is a seed for a cryptographic random number.  There are two ways to generate seeds for random numbers in cryptography:  using hardware and using software.  Hardware-based number generation involves connecting special hardware to the computer, which is dedicated to crypto applications.  This registry key appears to be for the software-based method.  The CSP's or cryptographic service providers are able to use this (for example) when generating a password hash.  If you open up c:\winnt\system32\rsabase.dll and do a search for "crypto" you will come across a reference to HKLM\SOFTWARE\Microsoft\Cryptography\RNG.  This particular DLL is the base cryptographic provider which appears to provide RSA encryption, possibly in support of other CSP's, but don't quote me on that. :-)
0
 

Author Comment

by:johnqgalt
ID: 10789201
Thank you for your comments. Can you please explain why  HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed is so frequently used by applications which do not even use crypto? For example, opening a simple application like MS Paint or metapad results in 6 or 7 "set value" actions in this key. Why is that?
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Expert Comment

by:ometecuhtli2001
ID: 10795442
I just checked my copy of mspaint.exe (running Windows XP v2002) and I didn't find any occurrence of "crypto" or "seed."  Maybe a DLL it calls does this as part of its initialization routine or there's something wrong with your mspaint.exe (i.e., infection).  As it was, I had to dig hard and deep to even come up with what little info I was able to give you.  This is probably a question for Microsoft support, and quite frankly I'd be very surprised if they had an even halfway satisfactory answer, because the support people probably don't even know and they work for the company that writes the software!  I run Windows 2000 SP4 at work - I'll be sure to check there on Monday.
0
 

Expert Comment

by:ometecuhtli2001
ID: 10810062
I just checked mspaint on my work system (Windows 2000 SP4) and there is no mention of crypto, seed or RNG in it.
0
 

Author Comment

by:johnqgalt
ID: 10835589
Thanks for your followup, ometecuhtli2001. Try running <a href="http://www.sysinternals.com/ntw2k/source/regmon.shtml">regmon</a> and then opening MS Paint (I tested on Windows 2000). It will SetValue 6 or 7 times in that key. I would like to know why.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question