[guardian-dev] Accelerometer as a source of entropy
Hans of Guardian
hans at guardianproject.info
Tue May 7 10:18:36 EDT 2013
On May 6, 2013, at 11:33 PM, Nathan of Guardian wrote:
> On 05/03/2013 10:59 AM, Abel Luck wrote:
>> Nathan: where can we find the code? We need this for Gnupg key generation.
>
> Unfortunately this was written in Javascript for use with the PhoneGap
> version of CryptoCat.
>
> I don't think it would be that hard to do though... here is a good
> staring point:
> http://stackoverflow.com/questions/15622497/android-magnetometer-returning-random-values
I think the proper way to do it is to somehow feed the sensor data into the kernel's entropy engine, so that's its available via /dev/random. I've heard that its possible to just write data to /dev/random, but I don't know the details.
We certainly don't want to be responsible for another incident like the infamous Debian ssh key incident, so I say we need to be very careful when messing with sources of randomness.
.hc
More information about the Guardian-dev
mailing list