Jan Skibinski writes:
> Good point. Short of reading some truly random device
> (perhaps ambient temperature fluctuation) this can always be
> theoretically defeated. I can only make life more difficult
> for the attacker by trying to outsmart him algorithmically
> (Or to confuse him. My clock is always several hours too late
> or too early. Just kidding)
>
> Any good idea? First prize: a bottle of something good. :-)
There is a thing known as an Entropy Gathering Daemon (EGD).
From http://www.lothar.com/tech/crypto/ :
One of the nice features of the Linux kernel is the /dev/random
device. This is a little character device that gives you random
numbers when you read it. In a variety of places scattered
throughout the kernel, certain interrupts (network packets arriving,
keyboard hits, mouse movement) cause a timestamp and some event
information to be hashed into an "entropy pool". The pool, perhaps
4k in size, always contains very random data, but as bits are
"stirred" in, a counter is incremented to reflect the fact that the
pool is now even more random than before. When you read from
/dev/random, you get a hashed portion of the pool, and the counter
is decremented. This gives you high quality cryptographically strong
random data.
...
EGD is an Entropy Gathering Daemon meant to be used on systems that
can run GPG* but which don't have this convenient source of random
bits. It is a regular user-space program that sits around, running
programs like 'w' and 'last' and 'vmstat', collecting the randomness
(or at least the unpredictability) inherent in the output of these
system statistics programs when used on a reasonably busy system. It
slowly stirs the output of these gathering programs into a pool of
entropy, much like the linux kernel device, and allows other programs
to read out random bits from this pool.
* GPG = GNU Privacy Guard
--
Frank Atanassow, Dept. of Computer Science, Utrecht University
Padualaan 14, PO Box 80.089, 3508 TB Utrecht, Netherlands
Tel +31 (030) 253-1012, Fax +31 (030) 251-3791
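The pool-and-counter scheme described in the quoted text, as an added illustration that is not code from the lothar.com page, from EGD, or from the Linux kernel: events are hashed together with a timestamp into a fixed-size pool, each stir credits an estimated number of bits to a counter, and a read hashes the pool, feeds the digest back in, and debits the counter, refusing the read when the estimate is too low. The EGD-style gatherer at the end runs the same statistics programs the text names ('w', 'last', 'vmstat') and skips any that are not installed. SHA-256, the XOR-at-a-rotating-offset mixing step, and the credit values (2 bits per event, 4 bits per command run) are my own simplifications, not the kernel's mixing function or EGD's accounting; the sample events are constructed. On any current system you would read the kernel's own generator (os.urandom / getrandom) instead of building this.

```python
import hashlib
import shutil
import subprocess
import time

POOL_BYTES = 4096          # the quoted text guesses "perhaps 4k" for the kernel pool
DIGEST = hashlib.sha256    # hash used for stirring and for extraction (assumed, not the kernel's)


class EntropyPool:
    """Toy user-space entropy pool in the style of /dev/random and EGD."""

    def __init__(self):
        self.pool = bytearray(POOL_BYTES)
        self.pos = 0                # offset at which the next digest is mixed in
        self.entropy_bits = 0       # conservative *estimate* of unpredictability, in bits
        self.extractions = 0        # makes every extraction hash distinct

    def _mix(self, digest: bytes) -> None:
        """XOR a digest into the pool at a rotating offset (simplified mixing)."""
        for b in digest:
            self.pool[self.pos] ^= b
            self.pos = (self.pos + 1) % POOL_BYTES

    def stir(self, event: bytes, credited_bits: int) -> None:
        """Hash an event plus a timestamp into the pool and credit the counter."""
        stamp = time.perf_counter_ns().to_bytes(8, "big")
        # bind the event to the pool bytes it lands on, so stirring order matters
        window = bytes(self.pool[self.pos:self.pos + 64])
        self._mix(DIGEST(window + stamp + event).digest())
        # the credit is whatever the caller claims; the pool cannot measure it
        self.entropy_bits = min(self.entropy_bits + credited_bits, POOL_BYTES * 8)

    def extract(self, nbytes: int) -> bytes:
        """Return nbytes hashed out of the pool; raise if the counter says too little entropy."""
        if self.entropy_bits < nbytes * 8:
            raise BlockingIOError(
                f"need {nbytes * 8} bits, pool credits only {self.entropy_bits}")
        out = b""
        while len(out) < nbytes:
            self.extractions += 1
            h = DIGEST(bytes(self.pool) + self.extractions.to_bytes(8, "big")).digest()
            self._mix(h)    # feed the output back so the pool state moves on after each read
            out += h
        self.entropy_bits -= nbytes * 8
        return out[:nbytes]


# the programs the quoted text says EGD runs; each is skipped if not installed
GATHER_COMMANDS = [["w"], ["last"], ["vmstat"]]


def gather_from_commands(pool: EntropyPool, commands=GATHER_COMMANDS,
                         bits_per_run: int = 4, timeout: float = 5.0) -> int:
    """EGD-style gathering: stir the output of system-statistics programs into the pool.

    Returns the number of commands that actually ran. The credit per run is small on
    purpose: most of this output repeats from one run to the next, so its byte count
    says nothing about how unpredictable it is."""
    ran = 0
    for cmd in commands:
        if shutil.which(cmd[0]) is None:
            continue
        try:
            result = subprocess.run(cmd, capture_output=True, timeout=timeout, check=False)
        except (OSError, subprocess.SubprocessError):
            continue
        pool.stir(result.stdout, bits_per_run)
        ran += 1
    return ran


if __name__ == "__main__":
    p = EntropyPool()
    # constructed interrupt-style events (source tag + payload), not real kernel data
    for ev in (b"keyboard\x1e", b"mouse\x03\xff", b"net\x00\x1c\x42"):
        p.stir(ev, credited_bits=2)
    print("credited bits after events:", p.entropy_bits)
    print("commands stirred in:", gather_from_commands(p))
    print("credited bits now:", p.entropy_bits)
    try:
        print(p.extract(16).hex())
    except BlockingIOError as e:
        print("read would block:", e)
```

The weak spot is the same one the mailing-list discussion circles around: `entropy_bits` records what callers claim, not what an attacker cannot predict. On an idle machine the output of 'w' or 'vmstat' barely changes between runs, so a gatherer that credits bytes rather than a few bits per run overstates the pool's strength without any observable symptom.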