Random Seed for Generating PGP Keys

Jean-David Beyer jeandavid8 at verizon.net
Mon May 25 13:48:16 CEST 2015


On 05/24/2015 05:11 PM, kendrick eastes wrote:
> 
> On Sun, May 24, 2015 at 10:35 AM, George Lee <george at cmtytech.org
> <mailto:george at cmtytech.org>> wrote:
> 
>     Hello,
> 
>     I'm interested in seeing if rather than relying on the built-in
>     software to generate randomness when creating a PGP key, if it is
>     possible to configure GnuPG to use a manually entered random seed.
>     That way I could generate a seed using coins, dice, my magic
>     cauldron, etc.
> 
>     Is this possible to do? How much entropy in a seed would I need?
> 
>     I also imagine that folks might say the software is very good at
>     generating random numbers. Feel free to share more details why, e.g.
>     how many bits of entropy are provided and how to make sure they're
>     truly random. But it would still be helpful to know if the above
>     customization is possible.
> 
>     Thank you!
> 
>     - George
> 
> 
> 
> would it not be more reliable and simpler to use a HWRNG to generate
> entropy?

In theory, no software random number generator can generate truly random
numbers, since they will repeat. They function they generate is cyclic,
just as sin(t) is cyclic, though their period is much greater. But once
you use an algorithm to generate random numbers, you have sinned.

If you used a good HwRNG.
> 
> https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators
> has a list of commercially available generators, and i know i have seen
> at least 2 homebrew designs that had source and HW schematics released. 
> 

This article would have been more useful if the author had subjected
these random number generator to the usual mathematical tests for
randomness.

Here is what was, at the time it was written, a very good paper on
software random number generators. Almost 50 years old now. I have not
kept up with the field, so I do not know how much progress, if any, has
been made since.

https://dl.acm.org/citation.cfm?id=321379

I remember in the past when I needed a random number generator, I made
plots on a crt where one random number was used as the x-coordinate and
the next one was used as the y-coordinate of a plotted point. I expected
to see a mess of noise, but there were, instead, stripes. Turns out
there was a bug in the RNG I was using.


-- 
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key:166D840A 0C610C8B Registered Machine  1935521.
 /( )\ Shrewsbury, New Jersey    http://linuxcounter.net
 ^^-^^ 07:35:01 up 23 days, 15:26, 2 users, load average: 4.22, 4.37, 4.69



More information about the Gnupg-users mailing list