RandGen: Generate Secure Random Numbers

 

RandGen allows you to generate cryptographically secure random numbers, using only mouse movements. You can use it to generate secure passwords, encryption keys, or anything else that needs a good random value. Of course, you can just play with it, too :)

How it Works: As you move your mouse, the application tracks the direction, length, timings, and other subtleties of your movements. These raw values are fed into an "Entropy Pool"-- basically a big holding tank for random data. As data is collected, the application keeps track of approximately how many random bits have been collected. Once we collect enough bits, they will be fed into the next step:

Though the pool does contain random data, the values are not completely random as-is: For example, if you move the mouse down and to the right, there may be a good chance that the next movement will be up and to the left, etc. To account for this, the entire entropy pool is fed into a Cryptographic Hash Function (in this case, SHA-1), which converts the large amount of data into the Entropy Pool into a smaller block of (I hope) truly random data. Here's why: For a good hash function, changing even just a single bit of the input value causes each bit of the output to have a 50% chance of flipping. In other words, a very small change on the input has a very large effect on the output. This is perfect for our random number generator: We don't need all the bits in our Entropy Pool to be random-- just some of them!

A progress bar lets you know how long it will take to gather the desired number of bits. (Moving swiftly, you should be able to easily generate 100 to 140 random bits per second.) When done, you can reformat the values in several different ways (binary, hex, base64, etc). Finally, simple statistics are provided about the percentages of 1's and 0's.

The app should be self-explanatory and easy to use. Give it a try and let me know what you think... Happy Randoming!

Download RandGen v1.00

 

Disclaimer: Though I believe that this application generates reasonably secure random numbers, this application comes with absolutely no warrantee. (Cryptography is notoriously difficult, and I cannot guarantee that I haven't made any mistakes.) I include the full source code (below), so that others may review, learn, suggest improvements, etc.

If you have any problems downloading or running RandGen, please let me know. As always, I welcome comments or suggestions.


Source Code

I get lots of requests for the source code, so I've included a link to it, below. It includes projects for Microsoft VC++ 6.0, and Visual Studio 2005. If you have questions about the code, feel free to send me an email. If I have some time (and if you ask nicely) I'd be happy to try to answer your questions.

Download RandGen 1.00 source code (43KB)

Home