Enhancing entropy in pseudo-random number generators using remote sources

US 20060072747A1
Filed: 03/30/2001
Published: 04/06/2006
Est. Priority Date: 03/30/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

initializing a pseudo-random number generator (PRNG);

obtaining local seeding information from a host;

securely obtaining additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, wherein the secure entropy collection protocol to perform;

generating a key pair including, a temporary asymmetric public key and a temporary asymmetric private key, encrypting the temporary public key with a public key associated with a remote entropy server, decrypting the temporary public key with a private key associated with the remote entropy server, encrypting the additional seeding information with the temporary public key, and decrypting the additional seeding information with the temporary private key; and

stirring the PRNG with the local seeding information and the additional seeding information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, apparatus, and method are provided for enhancing entropy in a pseudo-random number generator (PRNG) using remote sources. According to one embodiment of the present invention, first, the PRNG'"'"'s internal state is initialized. Local seeding information is then obtained from a local host. For added security, additional seeding information is obtained from one or more remote entropy servers operating independently to each maintain a constantly updated state pool. Finally, the PRNG is stirred based upon the local seeding information, and the additional seeding information.

Citations

30 Claims

1. A method comprising:
- initializing a pseudo-random number generator (PRNG);
  
  obtaining local seeding information from a host;
  
  securely obtaining additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, wherein the secure entropy collection protocol to perform;
  
  generating a key pair including, a temporary asymmetric public key and a temporary asymmetric private key, encrypting the temporary public key with a public key associated with a remote entropy server, decrypting the temporary public key with a private key associated with the remote entropy server, encrypting the additional seeding information with the temporary public key, and decrypting the additional seeding information with the temporary private key; and
  
  stirring the PRNG with the local seeding information and the additional seeding information.
- View Dependent Claims (2, 3, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the initializing of the PRNG comprises initializing an internal state of the PRNG with a random value.
  - 3. The method of claim 2, wherein the random value comprises a seed.
  - 5. The method of claim 1, wherein the one or more remote entropy servers maintain random state pool to supply the host with the random value.
  - 6. The method of claim 1, wherein the securely obtaining of the seeding information from the one or more remote entropy servers includes using a privacy protocol.
  - 7. The method of claim 6, wherein the privacy protocol comprises secure sockets layer (SSL) protocol.
  - 8. The method of claim 6, wherein the privacy protocol comprises transport layer security (TLS) protocol.
  - 9. The method of claim 1, wherein the stirring of the PRNG comprises producing a cryptographically random stream of bits.

4. (canceled)

10-16. -16. (canceled)

17. An entropy enhancing system comprising:
- a local system including a host and a pseudo-random number generator (PRNG), the local system to initialize the PRNG by obtaining local seeding information from the host, securely obtain additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, the secure entropy collection protocol to perform;
  
  generating a key pair including a temporary asymmetric public key and a temporary asymmetric private key, encrypting the temporary public key with a public key associated with a remote entropy server, decrypting the temporary public key with a private key associated with the remote entropy server, encrypting the additional seeding information with the temporary public key, and decrypting the additional seeding information with the temporary private key; and
  
  stir the PRNG with the local seeding information and the additional seeding information.
- View Dependent Claims (18, 19, 20)
- - 18. The entropy enhancing system of claim 17, wherein the local system generates the local seeding information at the host.
  - 19. The entropy enhancing system of claim 17, wherein the one or more remote systems generates the remote seeding information at the one or more entropy servers.
  - 20. The entropy enhancing system of claim 17, wherein the entropy servers comprise one or more of the following:
    - hardware and software.

21-24. -24. (canceled)

25. A machine-readable medium having stored thereon data representing sets of instructions which, when executed by a machine, cause the machine to:
- initialize a pseudo-random number generator (PRNG);
  
  obtain local seeding information from a host;
  
  securely obtain additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, wherein the secure entropy collection protocol to;
  
  generate a key pair including a temporary asymmetric public key and a temporary asymmetric private key, encrypt the temporary public key with a public key associated with a remote entropy server, decrypt the temporary public key with a private key associated with the remote entropy server, encrypt the additional seeding information with the temporary public key, and decrypt the additional seeding information with the temporary private key; and
  
  stir the PRNG with the local seeding information and the additional seeding information.
- View Dependent Claims (26, 27, 29, 30)
- - 26. The machine-readable medium of claim 25, wherein the initializing of the PRNG comprises initializing an internal state of the PRNG with a random value.
  - 27. The machine-readable medium of claim 26, wherein the random value comprises a seed.
  - 29. The machine-readable medium of claim 25, wherein the one or more remote entropy servers maintain random state pool to supply the host with the random value.
  - 30. The machine-readable medium of claim 25, wherein the stirring of the PRNG comprises producing a cryptographically random stream of bits.

28. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Wood, Matthew D., Graunke, Gary L.

Application Number

US09/822,548
Publication Number

US 20060072747A1
Time in Patent Office

Days
Field of Search
US Class Current

380/44
CPC Class Codes

G06F 7/58   Random or pseudo-random num...

H04L 63/06   for supporting key manageme...

H04L 63/166   at the transport layer

H04L 9/0662   with particular pseudorando...

Enhancing entropy in pseudo-random number generators using remote sources

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Enhancing entropy in pseudo-random number generators using remote sources

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links