using alternate sources of entropy

Werner Koch wk at
Fri May 10 09:38:00 CEST 2013

On Tue,  7 May 2013 18:19, abel at said:

> For various reasons we're exploring alternatives to /dev/random on
> Android. Primarily because it doesn't fill fast enough, and we do not
> have root access so we cannot write to it.

If there is not enough entropy in the system you can't do anything about
it.  Adding an EGD doesn't help because it only mimics what the kernel
does.  EGD was designed as a replacement for /dev/random which did not
exists on all Unix platforms back then.

> We've one good source of entropy, the accelerometer, that we would like

If that is a good source and does not require much power, why isn't that
already used by the kernel?

> 1) Write an EGD in C or Java

Not a good idea.

You may want to look at a HAVEGE implementation but that is very system

> 2) Hack gnupg source and add our own thing

The latest libgcrypt master has a feature to switch to use /dev/random
directly instead of using this as an entropy source for Libgrypt's own
RNG (which way more conservative).  You would need to add some minor
changes to GnuPG, so that it is really used.  That will save a lot of
entropy but is of course a security trade-off.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list