CryptGen随机熵

发布于 2024-09-15 02:29:20 字数 83 浏览 10 评论 0原文

CryptGenRandom 是 Windows 中 CryptoAPI 中的随机数生成器函数。该随机数生成器有多少熵?我已经找了很多了,但还是没找到。

CryptGenRandom is a random number generator function in CryptoAPI in Windows. How much entropy has that random number generator ? I have already looked a lot, but I couldn't find it.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

累赘 2024-09-22 02:29:20

Windows CryptGenRandom 的确切算法从未公开,因此,一些安全专家建议根本不要使用它。

进行了一些逆向工程和密码分析。
已发表的研究 (Windows 随机密码分析数字生成器 - Leo Dorrendorf,2007)检查了 Windows 2000 RNG 并发现了一些
设计和实施方面的弱点。

该文档还描述了该算法的熵收集器机制(第 4.2.3 节)。熵源是:

Source                   Bytes requested
CircularHash              256
KSecDD                    256
GetCurrentProcessID()       8
GetCurrentThreadID()        8
GetTickCount()              8
GetLocalTime()             16
QueryPerformanceCounter()  24
GlobalMemoryStatus()       16
GetDiskFreeSpace()         40
GetComputerName()          16
GetUserName()             257
GetCursorPos()              8
GetMessageTime()           16
NTQuerySystemInformation calls:
ProcessorTimes             48
Performance               312
Exception                  16
Lookaside                  32
ProcessorStatistics       up to the remaining length (3584 bytes buffer)
ProcessesAndThreads       up to the remaining length

由于我们讨论的是伪数生成器而不是实数生成器,因此您可能会说根本不存在真正的熵,或者只计算您可能认为是“熵”的源(伪熵)。

我无法找到有关 Windows 上较新版本的信息。

The exact algorithm of Windows CryptGenRandom was never published, therefore, some security experts suggest not to use it at all.

Some reverse-engineering and cryptanalysis was made.
A published research (Cryptanalysis of the Windows Random Number Generator - Leo Dorrendorf, 2007) examined Windows 2000 RNG and found a number of
weaknesses in the design and implementation.

The document also describes the entropy collector mechanism of the algorithm (section 4.2.3). The Entropy sources are:

Source                   Bytes requested
CircularHash              256
KSecDD                    256
GetCurrentProcessID()       8
GetCurrentThreadID()        8
GetTickCount()              8
GetLocalTime()             16
QueryPerformanceCounter()  24
GlobalMemoryStatus()       16
GetDiskFreeSpace()         40
GetComputerName()          16
GetUserName()             257
GetCursorPos()              8
GetMessageTime()           16
NTQuerySystemInformation calls:
ProcessorTimes             48
Performance               312
Exception                  16
Lookaside                  32
ProcessorStatistics       up to the remaining length (3584 bytes buffer)
ProcessesAndThreads       up to the remaining length

Since we are talking about a pseudo-number-generator and not a real-number-generator, you may say that there is no real entropy at all, or count only the sources that you may consider as "entropy" (pseudo-entropy).

I was unable to find information regarding newer versions on Windows.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文