Title: TrueCrypt Hardware RNG
Post by: ctoon6 on July 26, 2011, 05:23:04 AM

Is there such a thing? A hardware random number generator that can be used with TrueCrypt, or a way to import raw random data.

Title: Re: TrueCrypt Hardware RNG
Post by: hugolp on July 26, 2011, 05:24:55 AM

Quote from: ctoon6
Is there such a thing? A hardware random number generator that can be used with TrueCrypt, or a way to import raw random data.

I have that hardware here right by me. Just tell me how long you want the number to be, and for a low fee I will provide you with a truly 100% guaranteed random number. ;)

Title: Re: TrueCrypt Hardware RNG
Post by: ctoon6 on July 26, 2011, 05:27:58 AM

Yeah, but how do you use it with TrueCrypt? I can make my own easily enough.

Title: Re: TrueCrypt Hardware RNG
Post by: theymos on July 26, 2011, 07:17:46 AM

TrueCrypt uses the system's random number generation facility, so on Linux you can just write to /dev/random.
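
Added example, not part of the post above and not TrueCrypt code: feeding bytes from a hardware RNG into the Linux pool in C. A plain write to /dev/random mixes the bytes in without raising the kernel's entropy estimate, while the RNDADDENTROPY ioctl (root only) mixes and credits them. The function name feed_pool, its parameters and the sample buffer are assumptions made for this example.

```c
#include <fcntl.h>
#include <linux/random.h>   /* struct rand_pool_info, RNDADDENTROPY */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Hypothetical helper. Returns 1 if the bytes were mixed in and credited
 * (ioctl, needs root), 0 if they were mixed in by plain write() with no
 * entropy credit, -1 on error. credit_bits is the caller's own estimate
 * of the entropy in data; 0 skips the ioctl. */
int feed_pool(const char *pool_path, const unsigned char *data, size_t len,
              int credit_bits)
{
    int fd = open(pool_path, O_WRONLY);
    if (fd < 0)
        return -1;

    if (credit_bits > 0) {
        struct rand_pool_info *info = malloc(sizeof(*info) + len);
        if (info) {
            info->entropy_count = credit_bits;   /* in bits */
            info->buf_size = (int)len;           /* in bytes */
            memcpy(info->buf, data, len);
            int rc = ioctl(fd, RNDADDENTROPY, info);
            free(info);
            if (rc == 0) { close(fd); return 1; }
        }
    }
    /* Fallback: unprivileged write, looping over short writes. */
    size_t off = 0;
    while (off < len) {
        ssize_t n = write(fd, data + off, len - off);
        if (n <= 0) { close(fd); return -1; }
        off += (size_t)n;
    }
    close(fd);
    return 0;
}

int main(void)
{
    /* Constructed sample; real input would be read from the hardware device. */
    unsigned char sample[32] = "constructed-sample-not-random!!";
    int r = feed_pool("/dev/random", sample, sizeof sample, 0);
    printf("feed_pool returned %d\n", r);
    return r < 0;
}
```

Only claim credit_bits for a source whose output quality you have measured; an over-generous estimate tells the kernel the pool is better seeded than it is.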

Title: Re: TrueCrypt Hardware RNG
Post by: ctoon6 on July 26, 2011, 07:46:05 AM

So I can assume that TrueCrypt does not have any functionality built in to import a file with random data.

Title: Re: TrueCrypt Hardware RNG
Post by: JoelKatz on July 26, 2011, 08:02:51 AM

Quote from: ctoon6
Is there such a thing? A hardware random number generator that can be used with TrueCrypt, or a way to import raw random data.

On Windows, TrueCrypt imports entropy from the system RNG. So long as your hardware RNG pushes entropy into the system pool, TrueCrypt will use it.

Per http://www.truecrypt.org/docs/?s=random-number-generator
"The pool, which is 320 bytes long, is filled with data from the following sources: ... MS Windows only: MS Windows CryptoAPI (collected regularly at 500-ms interval)"

The MS Windows CryptoAPI source produces cryptographically-strong random numbers even without a hardware RNG. It is designed for exactly this purpose. TrueCrypt uses other sources as well just in case there's some defect in CryptoAPI (and to be assured of similar security properties across platforms), but no defect is known or suspected.

If you'd like to add randomness to the system source, you can easily do so, and TrueCrypt will get it. Just pass it to 'CryptGenRandom' as the auxiliary seed. If the file is large, you may just wish to pass a hash of it. I don't think there is any benefit to doing this, but you certainly can if you wish.

Here's the basic code:

    #include <windows.h>
    #include <wincrypt.h>   // link with advapi32.lib

    bool TradeEntropy(void *ptr, int len)
    { // Exchange some entropy with the CryptoAPI
        char namebuf[512];
        DWORD count = sizeof(namebuf);  // in: buffer size, out: length of the name
        HCRYPTPROV handle;

        // ANSI variants, because namebuf is a char buffer
        if (!CryptGetDefaultProviderA(PROV_RSA_FULL, NULL, CRYPT_MACHINE_DEFAULT, namebuf, &count))
            return false;   // unable to get default provider

        if (!CryptAcquireContextA(&handle, NULL, namebuf, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
            return false;   // unable to acquire provider

        // On input, the buffer contents are used as the auxiliary seed;
        // on output, the buffer is overwritten with random bytes.
        if (!CryptGenRandom(handle, len, (BYTE *) ptr))
        { // Could not exchange entropy
            CryptReleaseContext(handle, 0);
            return false;
        }

        CryptReleaseContext(handle, 0);
        return true;
    }

Title: Re: TrueCrypt Hardware RNG
Post by: theymos on July 26, 2011, 08:04:08 AM

Quote from: ctoon6
So I can assume that TrueCrypt does not have any functionality built in to import a file with random data.

I'm pretty sure there is no such function.