What entropy sources are available on Windows?

I want to produce a random cryptographic key on Windows. Where can I obtain entropy?

I would like my entropy function to work without a network connection and to be reliable on Windows 2000 and upwards. Even sources which may or may not provide a small amount of entropy could be useful as all the sources will be pooled.

This is my initial list of functions:

GetCurrentProcessID, GetCurrentThreadID, GetTickCount, GetLocalTime, QueryPerformanceCounter, GlobalMemoryStatus, GetDiskFreeSpace, GetComputerName, GetUserName, GetCursorPos, GetMessageTime, GetSystemInfo, CryptGenRandom, GetProcessHandleCount, GetProcessMemoryInfo.

---

Although early versions of the CryptGenRandom function may contain weaknesses later versions follow secure standards (see remarks on the CrypGenRandom page.)

It is weak to just use time as your seed. There is an answer under What is the most secure seed for random number generation? which explains that the unpredictable random seed may only need 128 bits to produce a secure PRNG. It is therefore probably unnecessary to find more sources than those listed in the question, and normally the CryptGenRandom function will already contain and generate enough entropy for itself that the caller does not need to do any of this.

CryptGenRandom and the function CryptAcquireContext which must preceed it can be called from Delphi like this.

---

如果它有一个选项，你可以让用户移动鼠标指针一段时间。

---

The only external source that most machines have is Mic In/Line In, call waveInOpen+waveInPrepareHeader+waveInAddBuffer+waveInStart. How random that is probably depends on the hardware...

链接地址: http://www.djcxy.com/p/61918.html

上一篇: java.util.Random和java.security.SecureRandom之间的区别

下一篇: Windows上有什么熵源？