Enhancing entropy in pseudo-random number generators using remote sources
First Claim
Patent Images
1. A method comprising:
- initializing a pseudo-random number generator (PRNG);
obtaining local seeding information from a host;
securely obtaining additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, wherein the secure entropy collection protocol to perform;
generating a key pair including, a temporary asymmetric public key and a temporary asymmetric private key, encrypting the temporary public key with a public key associated with a remote entropy server, decrypting the temporary public key with a private key associated with the remote entropy server, encrypting the additional seeding information with the temporary public key, and decrypting the additional seeding information with the temporary private key; and
stirring the PRNG with the local seeding information and the additional seeding information.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, apparatus, and method are provided for enhancing entropy in a pseudo-random number generator (PRNG) using remote sources. According to one embodiment of the present invention, first, the PRNG'"'"'s internal state is initialized. Local seeding information is then obtained from a local host. For added security, additional seeding information is obtained from one or more remote entropy servers operating independently to each maintain a constantly updated state pool. Finally, the PRNG is stirred based upon the local seeding information, and the additional seeding information.
-
Citations
30 Claims
-
1. A method comprising:
-
initializing a pseudo-random number generator (PRNG);
obtaining local seeding information from a host;
securely obtaining additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, wherein the secure entropy collection protocol to perform;
generating a key pair including, a temporary asymmetric public key and a temporary asymmetric private key, encrypting the temporary public key with a public key associated with a remote entropy server, decrypting the temporary public key with a private key associated with the remote entropy server, encrypting the additional seeding information with the temporary public key, and decrypting the additional seeding information with the temporary private key; and
stirring the PRNG with the local seeding information and the additional seeding information. - View Dependent Claims (2, 3, 5, 6, 7, 8, 9)
-
-
4. (canceled)
-
10-16. -16. (canceled)
-
17. An entropy enhancing system comprising:
-
a local system including a host and a pseudo-random number generator (PRNG), the local system to initialize the PRNG by obtaining local seeding information from the host, securely obtain additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, the secure entropy collection protocol to perform;
generating a key pair including a temporary asymmetric public key and a temporary asymmetric private key, encrypting the temporary public key with a public key associated with a remote entropy server, decrypting the temporary public key with a private key associated with the remote entropy server, encrypting the additional seeding information with the temporary public key, and decrypting the additional seeding information with the temporary private key; and
stir the PRNG with the local seeding information and the additional seeding information. - View Dependent Claims (18, 19, 20)
-
-
21-24. -24. (canceled)
-
25. A machine-readable medium having stored thereon data representing sets of instructions which, when executed by a machine, cause the machine to:
-
initialize a pseudo-random number generator (PRNG);
obtain local seeding information from a host;
securely obtain additional seeding information from one or more remote entropy servers using a secure entropy collection protocol, wherein the secure entropy collection protocol to;
generate a key pair including a temporary asymmetric public key and a temporary asymmetric private key, encrypt the temporary public key with a public key associated with a remote entropy server, decrypt the temporary public key with a private key associated with the remote entropy server, encrypt the additional seeding information with the temporary public key, and decrypt the additional seeding information with the temporary private key; and
stir the PRNG with the local seeding information and the additional seeding information. - View Dependent Claims (26, 27, 29, 30)
-
-
28. (canceled)
Specification