http://egd.sourceforge.net/

"One of the nice features of the Linux kernel (and certain *BSD kernels) is the /dev/random device. This is a little character device that gives you random numbers when you read it. In a variety of places scattered throughout the kernel, certain interrupts (network packets arriving, keyboard hits, mouse movement) cause a timestamp and some event information to be hashed into an "entropy pool". The pool, perhaps 4k in size, always contains very random data, but as bits are "stirred" in, a counter is incremented to reflect the fact that the pool is now even more random than before. When you read from /dev/random, you get a hashed portion of the pool, and the counter is decremented. This gives you high quality cryptographically strong random data.

The Gnu Privacy Guard (GPG), along with many other encryption routines (pgp, ssh, even the sequence-number selection algorithm used by the kernel's TCP stack), use this device to seed a secure random number generator. Encryption uses lots of random data, and hybrid public-key/symmetric-cipher encryption uses even more.

EGD is an Entropy Gathering Daemon meant to be used on systems that can run GPG but which don't have this convenient source of random bits. It is a regular user-space program that sits around, running programs like 'w' and 'last' and 'vmstat', collecting the randomness (or at least the unpredictability) inherent in the output of these system statistics programs when used on a reasonably busy system. It slowly stirs the output of these gathering programs into a pool of entropy, much like the Linux kernel device, and allows other programs to read out random bits from this pool.

EGD is meant to be used with GPG, but other programs can use it too. The current release of GPG has a module called randegd which knows how to speak the EGD protocol, allowing GPG to be used securely on non-Linux systems.

EGD is written in Perl, which helps make it a lot more portable since Perl runs on so many systems. It is designed to deal with a wide variety of possible entropy gatherers, discovering at runtime which ones are available and where they are located."

--
http://www.subspacefield.org/~travis/
Remediating... LIKE A BOSS
_______________________________________________ RNG mailing list [email protected] http://lists.bitrot.info/mailman/listinfo/rng
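
The pool-and-counter mechanism the quoted text describes, as an added example that is not part of the original post and is not the kernel's or EGD's code. It is a simplified Python model: SHA-256, the 4096-byte pool size, the per-event credit values and the short-read behaviour are all assumptions chosen for illustration.

```python
import hashlib
import struct

POOL_BYTES = 4096  # assumption: the "perhaps 4k" pool taken as 4096 bytes

class EntropyPool:
    def __init__(self):
        self.pool = bytearray(POOL_BYTES)
        self.pos = 0            # next write position in the pool
        self.entropy_bits = 0   # the counter: estimated unpredictable bits

    def stir(self, timestamp_ns, event, credit_bits):
        # Hash the timestamp and event info together with the whole pool, so
        # the new state depends on every event stirred in so far.
        stamp = struct.pack(">Q", timestamp_ns)
        digest = hashlib.sha256(bytes(self.pool) + stamp + event).digest()
        for b in digest:
            self.pool[self.pos] ^= b
            self.pos = (self.pos + 1) % POOL_BYTES
        # The counter never claims more bits than the pool can hold.
        self.entropy_bits = min(self.entropy_bits + credit_bits, POOL_BYTES * 8)

    def read(self, nbytes):
        # Hand out only what the counter covers; /dev/random blocks here,
        # this model returns a short (possibly empty) result instead.
        n = min(nbytes, self.entropy_bits // 8)
        out, block = b"", 0
        while len(out) < n:
            out += hashlib.sha256(struct.pack(">I", block) + bytes(self.pool)).digest()
            block += 1
        self.entropy_bits -= n * 8
        # Stir with zero credit so the same pool state is never read twice.
        self.stir(0, b"read-feedback", 0)
        return out[:n]

# Constructed sample events: (timestamp in ns, event info, credited bits)
SAMPLE_EVENTS = [
    (1000123, b"net rx len=60", 8),
    (1004567, b"key scancode=0x1e", 8),
    (1009001, b"mouse dx=3 dy=-1", 8),
]

def demo(events=SAMPLE_EVENTS):
    pool = EntropyPool()
    for ts, info, bits in events:
        pool.stir(ts, info, bits)
    first = pool.read(16)    # only 24 bits credited, so 3 bytes come back
    second = pool.read(16)   # counter is drained, so nothing comes back
    return first, second, pool.entropy_bits
```

Because the sample inputs are fixed, the output is fully reproducible, which is why the credit given to each event has to reflect how unpredictable that event really is.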
