Title of invention: Pooling entropy to facilitate mobile device-based true random number generation
Abstract: A mobile device operating system pools any available entropy. The resulting entropy pool is stored in device memory. When storing entropy in memory, preferably memory addresses are randomly allocated to prevent an attacker from capturing entropy that might have already been used to create a random number. The stored entropy pool provides a readily-available entropy source for any entropy required by the operating system or device applications. Then, when a cryptographic application requests a true random number, the operating system checks to determine whether the pool has available entropy and, if so, a portion of the entropy is provided to enable generation (e.g., by a TRNG) of a true random number that, in turn, may then be used for some cryptographic operation. After providing the entropy, the operating system clears the address locations that were used to provide it so that another entity cannot re-use the entropy.
Publication number: US9449197(B2) Publication date: 2016.09.20
Application number: US201313916655 Filing date: 2013.06.13
Applicant: GLOBAL FOUNDRIES INC. Inventors: Green Matthew John; McLean Leigh Stuart; Waltenberg Peter Theodore
Classification: G06F21/72; G06F7/58 Main classification: G06F21/72
Agency: DeLio, Peterson & Curcio, LLC Agent: DeLio, Peterson & Curcio, LLC; Pegnataro David R.
Main claim: 1. A method to generate a true random number for use in a cryptographic operation, the method operative in a mobile device comprising an operating system, and one or more hardware devices, comprising: allocating random available storage areas of a data store of the mobile device to store entropy data in an entropy data pool; pooling into the data store of the mobile device entropy data generated from the one or more hardware devices to form the entropy data pool; and determining whether sufficient entropy data is present in the data store in response to a request, including responsive to sufficient entropy data being present in the data store, retrieving entropy data from particular locations in the data store; using the entropy data retrieved to generate a true random number, and clearing the particular locations from which the entropy data was retrieved; and responsive to insufficient entropy data being present in the data store, using an operating system-based random number generator to generate the true random number.
Address: Grand Cayman KY
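
The pool lifecycle described in the abstract and claim 1 (random slot allocation, a sufficiency check, clearing after use, fallback to the operating system generator), as an added Python sketch that is not code from the patent. The class and method names, the one-byte-per-slot layout, the SHA-256 conditioning step and `os.urandom` as the fallback generator are all assumptions made for illustration.

```python
import hashlib
import os
import secrets


class EntropyPool:
    """Hypothetical pool: one entropy byte per slot of a fixed data store."""

    def __init__(self, size=256):
        self._store = bytearray(size)
        self._used = set()                  # slots holding unconsumed entropy
        self._rng = secrets.SystemRandom()  # picks slot positions only

    def available(self):
        return len(self._used)

    def add(self, data):
        """Pool bytes from a hardware source into randomly chosen free slots."""
        free = [i for i in range(len(self._store)) if i not in self._used]
        slots = self._rng.sample(free, min(len(data), len(free)))
        for slot, byte in zip(slots, data):
            self._store[slot] = byte
            self._used.add(slot)
        return len(slots)                   # bytes beyond capacity are dropped

    def draw(self, n):
        """Return (n random bytes, source); source is 'pool' or 'os-rng'."""
        if not 0 < n <= hashlib.sha256().digest_size:
            raise ValueError("n must be between 1 and 32")
        if self.available() < n:            # insufficient entropy: fall back
            return os.urandom(n), "os-rng"
        slots = self._rng.sample(sorted(self._used), n)
        raw = bytes(self._store[s] for s in slots)
        for s in slots:                     # clear so the bytes cannot be reused
            self._store[s] = 0
            self._used.discard(s)
        # Assumed conditioning step standing in for the number generation.
        return hashlib.sha256(raw).digest()[:n], "pool"


def demo():
    pool = EntropyPool(size=64)
    pool.add(bytes(range(1, 41)))           # constructed stand-in for sensor noise
    first = pool.draw(16)                   # served from the pool, 16 slots cleared
    second = pool.draw(32)                  # only 24 bytes left, so OS fallback
    return first[1], second[1], pool.available()


if __name__ == "__main__":
    print(demo())
```

Zeroing the `bytearray` clears the pool itself, but the immutable `raw` copy stays in interpreter memory until it is garbage collected, so a native implementation would wipe that buffer as well.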