Seed File


The seed file described for Fortuna in the book Practical Cryptography only writes out the state of the generator. Unfortunately, with this approach the entropy in all of the pools is lost. Given that Windows boxes do require rebooting more than some other operating systems, I decided that writing out the state of the entropy pools as well would be beneficial. However, the seed file must be encrypted so that an attacker cannot merely copy the seed files, then power down the computer. If the seed file were not encrypted, an attacker would have access to the state of the PRNG.

There is also an excellent description in the book regarding the use of the seed file itself. In particular, how does one protect against the same seed file being used multiple times? I deal with this problem by never using the state of the seed file directly. Each time Fortuna is started and the seed file is read in, the state of each entropy pool is modified in two ways before Fortuna can return any random numbers. First, a comprehensive snapshot of the operating data for the machine is taken. This includes all of the current process information, as well as other information. See MachineSig.cpp for all the details.

Second, each thread adds thread-specific data to each pool beyond the machine signature. In this way the data added to each pool is different. See MachineSignature.cpp for the MachineSignature and Pool::AddMachineSignaturetoPool() for all the details.
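The following Python sketch illustrates the two-step pool modification described above; it is an added example, not code from the Fortuna project, and it leaves out the seed file encryption. The names `machine_signature`, `thread_data`, `restore_pools` and `boot`, and the modelling of each saved pool state as bytes fed into SHA-256, are assumptions made for illustration.

```python
import hashlib, os, threading, time

def machine_signature() -> bytes:
    """Constructed stand-in for the machine snapshot (volatile OS data)."""
    h = hashlib.sha256()
    for item in (os.getpid(), time.time_ns(), time.perf_counter_ns(), os.times()):
        h.update(repr(item).encode())
    return h.digest()

def thread_data(pool_index: int) -> bytes:
    """Constructed stand-in for the data a thread adds to one pool."""
    return repr((pool_index, threading.get_ident(), time.perf_counter_ns())).encode()

def restore_pools(saved, signature, per_pool):
    """Rebuild the pools so that no saved state is ever used unmodified."""
    if len(saved) != len(per_pool):
        raise ValueError("need one thread contribution per pool")
    pools = []
    for i, state in enumerate(saved):
        h = hashlib.sha256()
        # State as read from the (already decrypted) seed file, length-prefixed.
        h.update(len(state).to_bytes(4, "big") + state)
        # 1) Machine snapshot: the same value goes into every pool.
        h.update(len(signature).to_bytes(4, "big") + signature)
        # 2) Thread-specific data: different for each pool.
        h.update(i.to_bytes(4, "big") + per_pool[i])
        pools.append(h.digest())
    return pools

def boot(saved):
    """One start-up: take the snapshot, gather thread data, then restore."""
    return restore_pools(saved, machine_signature(),
                         [thread_data(i) for i in range(len(saved))])

if __name__ == "__main__":
    # Constructed seed-file contents: four pools that all saved the same state.
    seed_file = [b"\x00" * 32] * 4
    first, second = boot(seed_file), boot(seed_file)
    print("pools distinct within one boot:", len(set(first)) == len(first))
    print("same seed file, different state:", first != second)
```

Starting twice from one copied seed file yields different pool states, and pools that saved identical state diverge from each other once the per-pool data is mixed in.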

 

 

 

Citadel Software Home Contact