views:

60

answers:

1

Hello,

CryptGenRandom is a random number generator function in CryptoAPI in Windows. How much entropy has that random number generator ? I have already looked a lot, but I couldn't find it. Thanks in advance.

+1  A: 

The exact algorithm of Windows CryptGenRandom was never published, therefore, some security experts suggest not to use it at all.

Some reverse-engineering and cryptanalysis was made. A published research (see http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.124.6557&rep=rep1&type=pdf) examined Windows 2000 RNG and found a number of weaknesses in the design and implementation.

The document also describes the entropy collector mechanism of the algorithm (section 4.2.3). The Entropy sources are:

Source                   Bytes requested
CircularHash              256
KSecDD                    256
GetCurrentProcessID()       8
GetCurrentThreadID()        8
GetTickCount()              8
GetLocalTime()             16
QueryPerformanceCounter()  24
GlobalMemoryStatus()       16
GetDiskFreeSpace()         40
GetComputerName()          16
GetUserName()             257
GetCursorPos()              8
GetMessageTime()           16
NTQuerySystemInformation calls:
ProcessorTimes             48
Performance               312
Exception                  16
Lookaside                  32
ProcessorStatistics       up to the remaining length (3584 bytes buffer)
ProcessesAndThreads       up to the remaining length

Since we are talking about a pseudo-number-generator and not a real-number-generator, you may say that there is no real entropy at all, or count only the sources that you may consider as "entropy" (pseudo-entropy).

I was unable to find information regarding newer versions on Windows.

Lior Kogan