Question about random number generation

Werner Koch wk@gnupg.org
Sun Sep 29 19:55:02 2002


On Sun, 29 Sep 2002 11:11:49 -0400 (EDT), Vikram Ravindran said:

> keyboard, and PGP times the interval between keystrokes and uses that to
> generate random numbers. This seems to be a more portable way of going
> about things, as the current set of modules assumes that certain files

This is easy with DOS and maybe with Windows but hard for other OSes.
With DOS you have direct access to the interrupt service routine and
nothing is in the way.  Real operating systems abstract the key
presses from the application and there is no way to be sure that there
is not a course granularity when taking the timings.  So these event
might be quite predictable.  

The only way to get theses events is by having kernel support for it
(i.e. /dev/random).  The EGD way is just a kudge for OSes which don't
support it.


Shalom-Salam,

   Werner