Overview

This is an apache module the creates random values from incoming requests.
It will only work on systems that have the RNDADDENTROPY ioctl, i only know of linux.

If you use encryption on your pages either for ssl, by using mcrypt for stuff or ssh, gpg, etc.
you will use the systems random source. This is filled up by the kernel via some irq and
user interaction. So it fills quite slowly and it is limited. And it fills even slower on a server
where no Keyboard Interrupts or such will happen most of the time.

This problem is addressed by the existence of /dev/urandom which does some magic, so that the request
for random numbers will never block. But the quality of these random numbers is a matter of discussion
right now.

So i came up with the idea that user interachtion on a webserver (request) related to time are also
entropic in nature and decided to build an apache module to fill the kernel random pool by that way.
This should increase the quality as well as the responsiveness of encryption.

Actually i must confess that i have no really clue what a random number makes it cryptographically
"good" and i would be happy to get some feedback on this.

For further questions feel free to contact me via email

Issue tracking

View all issues