how to implement random number generator according to mouse move and type keyboard

zazem · 08-11-2008, 02:35 AM

Hi,

I implementing a RSA cyptographic program. But I am not going to use the SecureRandom that Java supplied. Do I have alternative way to generate a random number based on mouse moving or inputing keyboard?

Looking for your help,

Thank you very much

MS3FGX · 08-11-2008, 02:41 AM

Linux's PRNG already uses keyboard and mouse inputs as seed values; among other activity (such as disk access). Keyboard and mouse values are not terribly good sources of entropy however, as the English language doesn't have a lot of randomness to it and mouse movement is going to be regulated by whatever task the user is performing.

chort · 08-11-2008, 08:50 AM

Do not write your own PRNG!!!

Most of the time it's done completely incorrectly, and they're very, very, very easy to screw up and get wrong, leading to very weak keys being generated. Use a vetted PRNG from a commercial security vendor (like, ahem, RSA) or use the operating system's built-in PRNG device. Make sure you do a lot of testing of the OS's PRNG device to ensure that it always generates a sufficient amount of entropy.

slimm609 · 08-11-2008, 11:57 AM

The only system that i have seen to be extremely random used 2 microphones as the entropy source. 1 in the server room and 1 outside of the building listening to the environment. 2 completely different sources and non predictable.