Random Seed for Generating PGP Keys
NIIBE Yutaka
gniibe at fsij.org
Wed May 27 04:46:57 CEST 2015
On 05/25/2015 01:35 AM, George Lee wrote:
> I'm interested in seeing if rather than relying on the built-in software to
> generate randomness when creating a PGP key, if it is possible to configure
> GnuPG to use a manually entered random seed. That way I could generate a
> seed using coins, dice, my magic cauldron, etc.

Well, in my HWRNG implementation (named NeuG), I don't use coins or
dice. The source is sampling of analog inputs by A/D converter (the
inputs themselves don't matter much). When you generate a key on Gnuk
Token, it goes directly from NeuG.

Actually, I thought a similar thing. Here is a post of mine in
September, 2013:

http://lists.gnupg.org/pipermail/gnupg-devel/2013-September/027900.html

At that time, I considered that I could control more reliably with a
specific "raw" interface to feed entropy to an application directly.
But, currently, I think that it is rather good for GnuPG/libgcrypt not
to have such an interface but just use system /dev/random (if
available).

When we are using a GNU/Linux system or some UNIXen, it goes like this
with HWRNG (with GCRY_RNG_TYPE_STANDARD configuration):

    HWRNG --> /dev/random --> CSPRNG [of GnuPG/libgcrypt] --> GPG key

Note that within HWRNG design itself, there is usually a CSPRNG component
to remove bias from its entropy source. Further, it's also there in
the design of system /dev/random.

Thus, it is common to have many components of CSPRNG in sequence, which
sounds pretty much redundant.

After all, the problem to solve here is: we want the random number
sequence under *none*'s control, so, it would be OK to have another
redundant CSPRNG or two. That's my opinion.

BTW, now, my HWRNG is available in the US, too. Please visit:

http://shop.fsf.org/category/gnu-gear/
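
The chained design the message describes (a conditioning stage inside the HWRNG, another in the system pool, another in the application) can be modelled as follows. This is an added example, not part of the original message and not code from NeuG, the kernel or libgcrypt; the function names, the SHA-256/HMAC conditioner and the simulated biased samples are assumptions made for illustration.

```python
import hashlib
import hmac
import random


def biased_samples(n_bytes, p_one=0.8, seed=1):
    """Constructed stand-in for raw A/D samples: each bit is 1 with probability p_one."""
    rng = random.Random(seed)  # simulation only, never a source of key material
    out = bytearray()
    for _ in range(n_bytes):
        byte = 0
        for _ in range(8):
            byte = (byte << 1) | (rng.random() < p_one)
        out.append(byte)
    return bytes(out)


def ones_fraction(data):
    """Fraction of 1 bits; 0.5 means no visible bias."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def condition(raw, out_len, label):
    """One conditioning stage: compress the input with SHA-256, expand with HMAC in counter mode.

    This removes visible bias but cannot add entropy: the output is only as
    unpredictable as the input that was hashed.
    """
    key = hashlib.sha256(label + raw).digest()
    blocks = (out_len + 31) // 32
    stream = b"".join(
        hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(blocks)
    )
    return stream[:out_len]


def chain(hw_raw, other_input, out_len=32):
    """HWRNG conditioner -> pool that also mixes another input -> application stage."""
    hw_out = condition(hw_raw, 64, b"hwrng")
    pool_out = condition(hw_out + other_input, 64, b"pool")
    return condition(pool_out, out_len, b"app")


if __name__ == "__main__":
    raw = biased_samples(4096)
    print("raw ones fraction:        ", round(ones_fraction(raw), 3))
    print("conditioned ones fraction:", round(ones_fraction(condition(raw, 4096, b"hwrng")), 3))
    print("chain output:", chain(raw, b"constructed second input").hex())
```

Each extra stage costs a few hash calls and leaves the output dependent on every input that was mixed in, so whoever controls only one of the inputs does not control the result.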