Entropy Assessment of Windows OS Performance Counters
This work addresses the need for reliable entropy sources in operating systems to enhance cryptographic security, though it is incremental as it focuses on a specific OS version.
The researchers analyzed all performance counters in Windows 7 to assess their suitability as entropy sources for cryptographic random number generators, selecting 14 counters with sufficient overall entropy for practical use.
The security of many cryptographic constructions depends on random number generators for providing unpredictable keys, nonces, initialization vectors and other parameters. Modern operating systems implement cryptographic pseudo-random number generators (PRNGs) to fulfill this need. Performance counters and other system parameters are often used as a low-entropy source to initialize (seed) the generators. We perform an experiment to analyze all performance counters in standard installation of Microsoft Windows 7 operating system, and assess their suitability as entropy sources. Besides selecting top 19 counters, we analyze their mutual information (independence) as well as robustness in the virtual environment. Final selection contains 14 counters with sufficient overall entropy for practical applications.