EGDW - The Entropy Gathering Daemon for Windows

What is this?

Download 0.1.0

9 January 2009

From the SourceForge project page.

EGDW is a random number daemon for Microsoft Windows. It sits in the background, gathering randomness from the system. EGDW produces much stronger randomness than Windows native facilities alone. EGDW has, as the name suggests, an EGD-compatible interface (at least as compatible as Windows allows).

The program is basically a front-end for Peter Gutmann's awesome cryptlib library. It's entropy gathering is very sophisticated on Windows, gathering data from many hardware monitors and other good sources.

Sources of randomness due to cryptlib:

Various hardware random number generators if available.
Windows own randomness (CryptGenRandom).
Data from MBM, Everest, SysTool, RivaTuner, HMonitor, and ATI Tray Tools
Computer system hardware via PnP info.
The clipboard.
Windows.
Processes, threads and heaps.
Memory usage.
Network.
Performance counter.
... and some more sources.

Sources of randomness due to EGDW:

Key strokes.
More may be added in future versions (mouse, cameras, microphone etc).

I'm a user. How do I use the program?

Run it. It will sit in the background and not disturb you. Here are some command line options:

`--port=xyz`	Listen on TCP socket xyz. The default is to listen on port 708.
`--close`	Shuts down the current running EGDW instance.
`--with-gui`	If EGDW is not running, this starts the program with a GUI log window. If the program is already running, the GUI for the current EGDW instance is shown. You can close the GUI by minimizing the program. Pressing the X button shuts down EGDW.

Please note that, unfortunately, most EGD compatible software only queries EGD on the Unix socket. So as of right now there aren't many programs EGDW can feed. Some exceptions are programs based on the Python EGD interface.

I'm a developer. How do I use the program?

The original EGD supports several methods to query for random bytes, among others Unix sockets. As this program is for Microsoft Windows, currently only TCP is supported.

How do I get random bytes?

Connect to localhost:XYZ (where XYZ is the port number) and send the two byte packet:

BB LL

BB is the blocking byte, either 0x01 or 0x02. It is so called because in the original EGD there was a choice between blocking and non-blocking. EGDW never blocks, so whether you set this to 0x01 or 0x02 depends on how you want your reply (see below).
LL is the number of random bytes you want (0x00 - 0xFF).

For BB = 0x01, you will recieve the following packet:

LL A0 A1 A2 ..

LL is the number of bytes requested.
A0 A1 A2 .. is LL number of random bytes.

For BB = 0x02, the reply is the same but the LL prefix is missing.

How do I determine which TCP port EGDW is listening on?

EGDW writes the file %WINDIR\egd.port each time it's run. This file contains the port number as an ASCII string (unless the user changed the port, this is the three byte string "708").

Note that even if this file exists, a connect may fail because the program isn't running.

EGDW (c) Björn Edström 2009. See LICENSE for details. This project is hosted by SourceForge.