using alternate sources of entropy
pete at petertodd.org
Tue May 7 21:24:11 CEST 2013
On Tue, May 07, 2013 at 04:19:02PM +0000, Abel Luck wrote:
> For various reasons we're exploring alternatives to /dev/random on
> Android. Primarily because it doesn't fill fast enough, and we do not
> have root access so we cannot write to it.
Actually any user can write to /dev/random and add data to the
random pool. What they can't do is update the pool's counters to tell
the pool that the bits you added were actually random.
> We've one good source of entropy, the accelerometer, that we would like
> gpg-agent to use. Looking through the docs it appears gnupg supports EGD.
> EGD would work well, but it is written in perl, which would be a royal
> PITA to get working on Android.
> The options I've come up with are:
> 1) Write an EGD in C or Java
> 2) Hack gnupg source and add our own thing
> Neither are particularly attractive. Is there another way to supply
> gnupg with entropy?
If you add the accelerometer data to /dev/random yourself and keep track
of how many bits of randomness you've added, the hack could be to just
point gnupg to /dev/urandom.
Hard to say if that's better than a different hack though, and assumes
Linux doesn't break /dev/urandom or adding data to the pool.
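
The bookkeeping suggested in the reply above, as an added example that is not code from this thread or from GnuPG: it writes sensor samples to the pool device and keeps its own tally of estimated bits, since the kernel mixes in unprivileged writes without raising its own counter. The names entropy_tally, estimate_bits, feed_pool and ready_for_keygen, the low-4-bit histogram estimate and the sample values are all assumptions of this example.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

struct entropy_tally { unsigned long bits_credited; };  /* our counter, not the kernel's */

/* Crude estimate (an assumption of this example, not a vetted estimator):
 * histogram the low 4 bits of each sample and credit
 * floor(log2(n / most_common_count)) bits per sample, at most 4. */
unsigned long estimate_bits(const int16_t *s, size_t n)
{
    size_t hist[16] = {0}, max = 0;
    unsigned per_sample = 0;
    for (size_t i = 0; i < n; i++) {
        size_t c = ++hist[s[i] & 0xF];
        if (c > max) max = c;
    }
    while (per_sample < 4 && (max << (per_sample + 1)) <= n) per_sample++;
    return (unsigned long)per_sample * n;   /* a device at rest earns 0 */
}

/* Write raw samples to the pool device and, only on a complete write,
 * add the estimate to our own tally. */
int feed_pool(const char *dev, const int16_t *s, size_t n, struct entropy_tally *t)
{
    size_t len = n * sizeof *s;
    int fd = open(dev, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t w = write(fd, s, len);
    close(fd);
    if (w < 0 || (size_t)w != len) return -1;   /* credit nothing on failure */
    t->bits_credited += estimate_bits(s, n);
    return 0;
}

/* Gate: hand the consumer /dev/urandom only after enough bits went in. */
int ready_for_keygen(const struct entropy_tally *t, unsigned long need_bits)
{
    return t->bits_credited >= need_bits;
}

int main(void)
{
    int16_t samples[32];                    /* constructed, not real sensor data */
    struct entropy_tally t = {0};
    for (int i = 0; i < 32; i++) samples[i] = (int16_t)(100 + i);
    if (feed_pool("/dev/random", samples, 32, &t) != 0) { perror("feed_pool"); return 1; }
    printf("credited %lu bits, ready=%d\n", t.bits_credited, ready_for_keygen(&t, 128));
    return 0;
}
```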