According to these three links:
https://stackoverflow.com/questions/22150896/is-it-possible-to-add-entropy-from-a-hardware-rng-to-the-windows-cryptoapi
https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf
https://msdn.microsoft.com/en-us/library/windows/desktop/aa375458.aspx
…it was once possible for developers to incorporate additional sources of entropy, but this was discontinued in Windows 8 and later, in favor of a TPM.
There are, however, sources of entropy in addition to a TPM (or when a TPM is unavailable). Microsoft is vague as to how these sources are used or to what extent each source is taken into account. It would appear that this is per-application rather than a single /dev/random.
Reading those articles, it would seem that a Windows equivalent of rngd, using TrueRNG hardware, could affect entropy per-application in the following ways:
* Incrementing the serial port count by 1
* Occasionally writing random amounts of TrueRNG-generated random bytes to memory (and/or the page file), using a random number of threads
* Adding one or more TrueRNG-generated nonsense environment variables to the system that occasionally change
* The fact that a program exists doing all this
Something like this would be interesting. Unfortunately it would be tough to prove how/if it has any effect.
This reply was modified 6 years, 8 months ago by redneonglow.