3

I want to produce a random cryptographic key on Windows. Where can I obtain entropy?

I would like my entropy function to work without a network connection and to be reliable on Windows 2000 and upwards. Even sources which may or may not provide a small amount of entropy could be useful as all the sources will be pooled.

This is my initial list of functions:

GetCurrentProcessID, GetCurrentThreadID, GetTickCount, GetLocalTime, QueryPerformanceCounter, GlobalMemoryStatus, GetDiskFreeSpace, GetComputerName, GetUserName, GetCursorPos, GetMessageTime, GetSystemInfo, CryptGenRandom, GetProcessHandleCount, GetProcessMemoryInfo.

soid
  • 541
  • 8
  • 15
  • 7
    Why do you list CryptGenRandom, when it, huh, does what you want? – R. Martinho Fernandes Feb 10 '11 at 09:58
  • I wasn't sure it does work well on all computers and versions of Windows. Are you saying I should definitely just use that function? Should I supply it with entropy as it suggests? – soid Feb 10 '11 at 10:25
  • Works fine with all versions of Windows. Check the [documentation](http://msdn.microsoft.com/en-us/library/aa379942.aspx) you linked to yourself. The minimum supported version is Windows 2000, exactly your stated requirement. – Cody Gray - on strike Feb 10 '11 at 10:44
  • @Martinho and @Cody: I have just been reading the [Wikipedia page about CryptGenRandom](http://en.wikipedia.org/wiki/CryptGenRandom) which says it does not work very well, in terms of its security, on Windows 2000. I will use it as the primary, but not sole, source of randomness for my keys. – soid Feb 11 '11 at 09:24

3 Answers3

7

Although early versions of the CryptGenRandom function may contain weaknesses later versions follow secure standards (see remarks on the CrypGenRandom page.)

It is weak to just use time as your seed. There is an answer under What is the most secure seed for random number generation? which explains that the unpredictable random seed may only need 128 bits to produce a secure PRNG. It is therefore probably unnecessary to find more sources than those listed in the question, and normally the CryptGenRandom function will already contain and generate enough entropy for itself that the caller does not need to do any of this.

CryptGenRandom and the function CryptAcquireContext which must preceed it can be called from Delphi like this.

Community
  • 1
  • 1
soid
  • 541
  • 8
  • 15
2

If its an option you can ask user to move mouse pointer for a while.

greg
  • 665
  • 3
  • 5
2

The only external source that most machines have is Mic In/Line In, call waveInOpen+waveInPrepareHeader+waveInAddBuffer+waveInStart. How random that is probably depends on the hardware...

Anders
  • 97,548
  • 12
  • 110
  • 164