
egd-0.5.README

Posted Dec 21, 1999


tags | encryption
SHA-256 | 60fed0e538da8a6a11ef31dafe44dec41ec7e63d2aedf4dfb109b4924371fdac

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


EGD : an Entropy Gathering Daemon
v0.5

Brian Warner <warner@lothar.com>

mainly intended for use with the GNU Privacy Guard
<http://www.gnupg.org>

This is a standalone daemon that sits around running various statistics
collection programs (ps, vmstat, iostat, etc). It hashes the results into an
"entropy pool". If things happen on your system at relatively random and
unpredictable times, then some of that randomness will become a part of the
entropy pool and can be used to generate random numbers. It is basically a
user-space implementation of the Linux kernel /dev/random device. As such, it
should be runnable on all unix-like systems. It is intended to make up for the
lack of /dev/random on non-Linux systems so that programs like GPG can be used
safely.

This daemon should be allowed to run for a long time. It only gathers a small
amount of entropy at a time, because many system statistics do not change
very frequently and are rather predictable if sampled too quickly. It does not
require any special privileges to run, but it may be reasonable for a sysadmin
to arrange for it to be started at boot time, allowing it to be used by all
users.

The daemon provides a socket interface (either UNIX-style or TCP) from which
the entropy can be read. For the exact protocol, see the notes at the end of
the daemon source. Blocking and non-blocking reads are available, as well as a
call to get the amount of entropy available in the pool. The entropy level is
raised by running gatherer programs (which happens automatically over time)
and adding their output; it is lowered by clients reading entropy. Once the
count goes to zero, no entropy can be read until some more is generated. There
is currently no equivalent to the Linux /dev/urandom device, which provides
exactly this read-when-entropy-is-empty capability (at this point the data
returned is no longer truly random, merely cryptographically strong).
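The read behaviour described above, as an added example that is not part of the EGD distribution: a minimal Python client for the socket protocol, run against a constructed in-process stub so it works offline. Only the get-pid byte (0x04) appears in this README; the other command bytes and reply layouts follow the EGD protocol as commonly documented, and the stub's pool size and byte-for-eight-bits accounting are assumptions.

```python
import os, socket, struct, threading

# 0x04 is named in this README's changelog; 0x00-0x02 are assumed from the
# commonly documented EGD protocol, not from this page.
CMD_LEVEL, CMD_READ_NB, CMD_READ_BLOCK, CMD_PID = 0x00, 0x01, 0x02, 0x04

def recv_exact(sock, n):
    """Read exactly n bytes or raise if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("EGD socket closed mid-reply")
        buf += chunk
    return buf

def entropy_level(sock):
    sock.sendall(bytes([CMD_LEVEL]))
    return struct.unpack(">I", recv_exact(sock, 4))[0]   # bits, big-endian

def read_nonblocking(sock, want):
    """Ask for up to 255 bytes; the daemon may grant fewer, or none."""
    sock.sendall(bytes([CMD_READ_NB, want]))
    granted = recv_exact(sock, 1)[0]      # callers must check this length
    return recv_exact(sock, granted)

def daemon_pid(sock):
    sock.sendall(bytes([CMD_PID]))
    return int(recv_exact(sock, recv_exact(sock, 1)[0]).decode())

def stub_daemon(sock, pool_bits):
    """Constructed stand-in for the daemon: reads lower the entropy count."""
    while True:
        cmd = sock.recv(1)
        if not cmd:
            return                        # client closed the connection
        if cmd[0] == CMD_LEVEL:
            sock.sendall(struct.pack(">I", pool_bits))
        elif cmd[0] == CMD_READ_NB:
            n = min(recv_exact(sock, 1)[0], pool_bits // 8)
            pool_bits -= 8 * n
            sock.sendall(bytes([n]) + os.urandom(n))
        elif cmd[0] == CMD_PID:
            pid = str(os.getpid()).encode()
            sock.sendall(bytes([len(pid)]) + pid)

def demo(pool_bits=128):
    client, server = socket.socketpair()
    threading.Thread(target=stub_daemon, args=(server, pool_bits), daemon=True).start()
    sizes = [len(read_nonblocking(client, 12)) for _ in range(3)]  # full, short, empty
    result = (*sizes, entropy_level(client), daemon_pid(client))
    client.close()
    return result
```

A caller that needs a fixed amount of key material has to loop or fail on the short and empty grants rather than use whatever came back.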

The daemon is written in Perl for greatest portability to non-Linux systems;
perl5.004 should be plenty. It uses the SHA extension, currently by
Uwe Hollerbach, available from CPAN. If your system does not already have this
extension installed, version 1.2 will be installed for you (to make it easier
to embed this module in the GnuPG distribution). This embedded version has
been modified slightly to not ask the user about doing SHA-0 versus SHA-1 at
configure time (to allow the GnuPG configure process to remain
non-interactive).

The list of entropy gathering programs includes a variety of stats programs.
They are searched for in a number of common directories. Any that are missing
are pruned from the list at startup; any that cause runtime errors are dropped
as well. For most sources, all but the digits are removed from the output in
an attempt to distill the entropy before counting how many bits are provided
by that source.

LICENSE:

EGD is free software and can be used and copied under the terms of the GNU
General Public License. Please see the file COPYING in this directory for
the exact terms. Share and Enjoy!

(please note that the included SHA-1.2 module comes under a slightly
different license, the same as used by Perl itself, which is a bit more
liberal than the GPL. I chose to put EGD under GPL because the cryptlib
library that inspired it was permitted to be distributed in GPG under the GPL
and I figured I should do the same. If you find this restrictive, please
write me, and I'd be happy to give you permission to do other stuff with it).


AUTHOR:
Brian Warner, <warner@lothar.com>. Please send all patches, bug reports,
and comments to me. I'm especially interested in how well it works on
systems I don't have access to (I've only got linux, sunos, and solaris to
test on), as well as new gatherer programs to add to the list.

EGD was inspired by, and got the initial list of random number sources
from, the cryptlib entropy gathering code, by Peter Gutmann and others.
<http://www.cs.auckland.ac.nz/~pgut001/cryptlib/index.html>

Thanks to Werner Koch for writing GnuPG and for convincing me to go and
write this thing.

Visit <http://www.lothar.com/tech/crypto/> for updates and other fun stuff.

Changes:
v0.5 : add get-pid command to protocol (0x04)
       add --kill command to find a daemon on the specified socket and kill
         it off
       detect if a socket is already in use and don't try to use it
         (if all sockets are in use, just exit silently)
       fork into background unless --nofork is given
       add --quit-after=NN : terminate after NN minutes

v0.4 : ignore SIGPIPE.
       use Getopt::Long to switch on debug flags
       don't decay entropy below zero
       add a counter for total bytes consumed. use --debug-client to display
       add eg/sucker.pl to pull out as much entropy as possible. Used to
         determine the entropy generation rate. With all the weights and
         timers at the default, my linux box extracts 28 bits per second out
         of 20 sources. My solaris box manages about 105 bps from 56 sources.
       add --bottomless option to not decrement entropy count when clients
         consume entropy. Use for GPG self-tests since they require about
         53kbytes of entropy, which would take over an hour to generate
         on my fastest test box

v0.3 : finally bundled into a form that could be put into the GPG
         distribution. Included a copy of SHA-1.2 and created Makefile.PL
         tricks to build it only if necessary.

v0.2 : add reuse timers (don't run a given gatherer too frequently)
       redirect stderr of gatherers to /dev/null (much quieter now)

v0.1 : initial release. noisy as all heck but it seems to work.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE27hQvkDmgv9E5zEwRAmr3AKCc1ePZ0plFpbmJZY9MacqY7uiDSACfTYRz
ZFbbWBfWrdtFAov6KTOSfp4=
=PwwK
-----END PGP SIGNATURE-----