What entropy sources are available on Windows?

孤人 提交于 2019-12-13 13:15:35

问题


I want to produce a random cryptographic key on Windows. Where can I obtain entropy?

I would like my entropy function to work without a network connection and to be reliable on Windows 2000 and upwards. Even sources which may or may not provide a small amount of entropy could be useful as all the sources will be pooled.

This is my initial list of functions:

GetCurrentProcessID, GetCurrentThreadID, GetTickCount, GetLocalTime, QueryPerformanceCounter, GlobalMemoryStatus, GetDiskFreeSpace, GetComputerName, GetUserName, GetCursorPos, GetMessageTime, GetSystemInfo, CryptGenRandom, GetProcessHandleCount, GetProcessMemoryInfo.


回答1:


Although early versions of the CryptGenRandom function may contain weaknesses later versions follow secure standards (see remarks on the CrypGenRandom page.)

It is weak to just use time as your seed. There is an answer under What is the most secure seed for random number generation? which explains that the unpredictable random seed may only need 128 bits to produce a secure PRNG. It is therefore probably unnecessary to find more sources than those listed in the question, and normally the CryptGenRandom function will already contain and generate enough entropy for itself that the caller does not need to do any of this.

CryptGenRandom and the function CryptAcquireContext which must preceed it can be called from Delphi like this.




回答2:


If its an option you can ask user to move mouse pointer for a while.




回答3:


The only external source that most machines have is Mic In/Line In, call waveInOpen+waveInPrepareHeader+waveInAddBuffer+waveInStart. How random that is probably depends on the hardware...



来源:https://stackoverflow.com/questions/4955527/what-entropy-sources-are-available-on-windows

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!