CryptGenRandom使用我的处理器中的RNG吗?

huangapple go评论87阅读模式
英文:

Does CryptGenRandom use the RNG in my processor?

问题

在Windows上,CryptGenRandom是要使用的标准随机数生成器。它被许多包如Python的RandomSecrets模块所调用,它们都使用os.urandom,而os.urandom又调用CryptGenRandom。

关于CryptGenRandom的算法,我找到了以下信息:

> 在Windows Vista Service Pack 1(SP1)及以后的版本中,使用了NIST特殊出版物800-90中指定的基于AES计数模式的PRNG实现。在Windows Vista、Windows Storage Server 2003和Windows XP中,使用了联邦信息处理标准(FIPS)186-2中指定的PRNG。

然而,NIST出版物没有指定使用哪个熵源。

在我笔记本电脑的情况下,我有一台联想Ideapad Gaming笔记本电脑,配备了Intel(R) Core(TM) i5-10300H处理器。我在这台笔记本电脑上安装了Windows 10。
该处理器包含一个名为Secure Key Technology的RNG。CryptGenRandom是否使用这个作为熵源?

英文:

On Windows, CryptGenRandom is the standard random number generator to use.
It is called by many packages like Python’s Random and Secrets modules, which both use os.urandom, which in turns calls CryptGenRandom.

For the algorithm of CryptGenRandom, I found out the following:

> In Windows Vista with Service Pack 1 (SP1) and later, an
> implementation of the AES counter-mode based PRNG specified in NIST
> Special Publication 800-90 is used. In Windows Vista, Windows Storage
> Server 2003, and Windows XP, the PRNG specified in Federal Information
> Processing Standard (FIPS) 186-2 is used.

However, the NIST publication does not specify which entropy source is used.

In the case of my laptop, I have an Ideapad Gaming laptop by Lenovo, with an Intel(R) Core(TM) i5-10300H processor. On this laptop I have Windows 10 installed.
The processor contains a RNG called Secure Key Technology. Is this used as entropy source by CryptGenRandom?

答案1

得分: 2

以下是翻译好的部分:

初始熵源包括:

  • 种子文件
  • 外部熵
  • TPM 随机性
  • RDRAND 随机性(您提到了与 Secure Key Technology 相关的指令)
  • ACPI-OEM0 表
  • 来自 UEFI 熵提供程序的输出
  • 当前时间

Windows 10 拥有许多熵源,它们共同确保操作系统具有良好的熵。不同的熵源在不同情况下保证了良好的熵;通过使用它们,可以获得最佳覆盖范围。

来源:Windows 10 随机数生成基础设施

本白皮书探讨了 Windows 10 伪随机数生成器(PRNG)基础设施的详细信息,并列出了主要的 RNG API。白皮书还解释了熵系统的工作原理,熵源是什么,以及初始种子生成的方式。

英文:

The initial entropy sources include:

  • Seed file
  • External entropy
  • TPM randomness
  • RDRAND randomness (You mentioned Secure Key Technology-related instruction)
  • ACPI-OEM0 table
  • Output from the UEFI entropy provider
  • The current time

> Windows 10 has many entropy sources; these work together to ensure that the OS has
good entropy. Different entropy sources guarantee good entropy in different situations;
by using them all the best coverage is attained.

From : The Windows 10 random number generation infrastructure

This whitepaper explores details about the Windows 10 pseudo-random number generator (PRNG) infrastructure and lists the primary RNG APIs. The whitepaper also explains how the entropy system works, what the entropy sources are, and how initial seeding works.

huangapple
  • 本文由 发表于 2023年7月18日 15:26:06
  • 转载请务必保留本文链接:https://go.coder-hub.com/76710387.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定