Entropy generation using Apple corecrypto non-physical entropy source

Hi,

We are using the following API from sys/random.h to generate entropy in our module.

int getentropy(void* buffer, size_t size);

Could you confirm if this API internally uses a non-physical entropy source and adhere to SP800-90B as the following document says:

https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E181_PublicUse.pdf

Answered by DTS Engineer in 824928022
Written by rg1985 in 824899022
What is the best way to generate entropy using Mac SDK?

OK, now that’s a question I can answer. Except that I can’t, because “best” is very subjective. But there are, at least, technical trade-offs to be made.

macOS has a wide range of random number generates. In general, it’s pretty clear as to whether they are suited for cryptographic use or not.

The best option depends on what layer your most comfortable with. I generally use SecRandomCopyBytes or Apple CryptoKit’s SymmetricKey, because a) it’s absolutely clear that these are expected to be cryptographically sound, and b) that’s the level of the system that I like working at. However, if you want to go lower there’s CCRandomGenerateBytes [1]. And if you love you some BSD, there’s arc4random and /dev/random.

The one I don’t use is getentropy, because the getentropy man page makes it clear that it’s not intended to be used for bulk random data. Rather, we expect it to be used to seed an in-process random number generator, and I’m not interested in building one of those.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] This is from CommonCrypto, which is effectively the API to CoreCrypto.

DTS generally stays away from questions like this. In many cases you can find answers in Apple Platform Security. If not, my advice is that you file a bug against the documentation with details of the specific information you’d like to see it contain.

If you do file a bug, please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks Eskimo. Let me rephrase the question a little bit.

What is the best way to generate entropy using Mac SDK?

Found 2 APIs : SecRandomCopyBytes(...) from Security framework or getentropy(...) from random.h ?

Which APIs related to Apple Core Crypto?

Which API has highest level of security while generating entropy bytes?

Written by rg1985 in 824899022
What is the best way to generate entropy using Mac SDK?

OK, now that’s a question I can answer. Except that I can’t, because “best” is very subjective. But there are, at least, technical trade-offs to be made.

macOS has a wide range of random number generates. In general, it’s pretty clear as to whether they are suited for cryptographic use or not.

The best option depends on what layer your most comfortable with. I generally use SecRandomCopyBytes or Apple CryptoKit’s SymmetricKey, because a) it’s absolutely clear that these are expected to be cryptographically sound, and b) that’s the level of the system that I like working at. However, if you want to go lower there’s CCRandomGenerateBytes [1]. And if you love you some BSD, there’s arc4random and /dev/random.

The one I don’t use is getentropy, because the getentropy man page makes it clear that it’s not intended to be used for bulk random data. Rather, we expect it to be used to seed an in-process random number generator, and I’m not interested in building one of those.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] This is from CommonCrypto, which is effectively the API to CoreCrypto.

Thanks Quinn.

Our usecase is to seed DRBG (Deterministic Random Bit Genrerator) using entropy bits generated from a non-physical source.

So which one of these APIs adhere to the entropy certificate as per the below document: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E181_PublicUse.pdf

Could you point us in right direction?

If your goal is to seed a random number generator then getentropy is a fine choice.

Beyond that, see my comment above about not commenting on standards compliance.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Entropy generation using Apple corecrypto non-physical entropy source
 
 
Q