Using smartcard as RNG
pete at heypete.com
Sat Apr 13 13:04:31 CEST 2013
I did some searching in the archives but wasn't able to see if someone
else asked this question before. If it's been discussed before and I
missed it then I apologize in advance for the weakness of my search-fu
and would appreciate it if someone might point me in the right direction.

That said, I was curious if it is possible for GPG to use the hardware
RNG in an OpenPGP smartcard (either the GnuPG-branded one sold by Kernel
Concepts or ones like the GPF Crypto Stick) as an entropy source for

For example, if I were to generate a long-term OpenPGP key (not
generated on the card) I'd like to ensure that the system has a high
degree of entropy. I currently use a Simtec Entropy Key for creating
entropy for otherwise entropy-starved systems (mostly low-activity VMs)
and this works well, but it'd be nice to also add in entropy from the
smartcard hardware RNG as well.

While it might be nice to use the smartcard's HRNG to feed /dev/random,
I'm mostly interested in using it as an entropy source for key
generation or other entropy-dependent functions if the card is inserted

Is this possible?

http://www.entropykey.co.uk/

It generates entropy using two hardware generators, does a series of
tests on them, and assuming they pass the tests, feeds them to a daemon
that feeds into a *nix system's entropy pool. One can then access the
entropy through normal methods, such as by accessing /dev/random.

ObDisclaimer: I have no connection or relationship with the company.
I'm merely a customer who owns the device they sell.