Windows上有什么熵来源? [英] What entropy sources are available on Windows?
问题描述
我想在Windows上生成一个随机加密密钥。在哪里可以获得熵?
我希望我的熵函数在没有网络连接的情况下工作,在Windows 2000及更高版本上可靠。
这是我最初的函数列表:
GetCurrentProcessID ,
GetCurrentThreadID ,
GetTickCount ,
GetLocalTime ,
QueryPerformanceCounter < a>,
GlobalMemoryStatus ,
GetDiskFreeSpace ,
GetComputerName ,
GetUserName ,
GetCursorPos ,
GetMessageTime ,
GetSystemInfo ,
CryptGenRandom ,
< a href =http://msdn.microsoft.com/en-us/library/ms683214%28v=vs.85%29.aspx =nofollow> GetProcessHandleCount ,
GetProcessMemoryInfo 。
虽然早期版本的 CryptGenRandom 功能可能包含弱点后续版本遵循安全标准(请参阅CrypGenRandom页面上的注释。)
对于使用时间作为您的种子/ a>。 有什么是最安全的种子?随机数生成?,这解释了不可预测的随机种子可能仅需要128位来产生安全的PRNG。因此,可能不需要找到比问题中列出的更多的源,并且通常CryptGenRandom函数已经包含并生成足够的熵本身,调用者不需要这样做。
CryptGenRandom和函数 CryptAcquireContext ,它必须先于它,可以从Delphi调用像这样。
I want to produce a random cryptographic key on Windows. Where can I obtain entropy?
I would like my entropy function to work without a network connection and to be reliable on Windows 2000 and upwards. Even sources which may or may not provide a small amount of entropy could be useful as all the sources will be pooled.
This is my initial list of functions:
GetCurrentProcessID, GetCurrentThreadID, GetTickCount, GetLocalTime, QueryPerformanceCounter, GlobalMemoryStatus, GetDiskFreeSpace, GetComputerName, GetUserName, GetCursorPos, GetMessageTime, GetSystemInfo, CryptGenRandom, GetProcessHandleCount, GetProcessMemoryInfo.
Although early versions of the CryptGenRandom function may contain weaknesses later versions follow secure standards (see remarks on the CrypGenRandom page.)
It is weak to just use time as your seed. There is an answer under What is the most secure seed for random number generation? which explains that the unpredictable random seed may only need 128 bits to produce a secure PRNG. It is therefore probably unnecessary to find more sources than those listed in the question, and normally the CryptGenRandom function will already contain and generate enough entropy for itself that the caller does not need to do any of this.
CryptGenRandom and the function CryptAcquireContext which must preceed it can be called from Delphi like this.
这篇关于Windows上有什么熵来源?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
