The Entropy Hack gathers randomness or “entropy” by recording system events, then uses this entropy to patch PalmOS’ SysRandom() call, to generate high-quality random numbers for any application that needs them.
Why Is This Useful?
The PalmOS SysRandom() call is a weak pseudo-random number generator. It combines an initial “seed” (often the system clock or some value derived from it is used; this is under application control) with a mathematical algorithm to generate a sequence of numbers that appear to be random. For most purposes this is fine, however in certain cases (such as encryption or password generation) it is not good enough.
For example, suppose you use your Palm to generate passwords, and also suppose that you maintain the physical security of your Palm, that is, it is kept completely separate from the systems it generates passwords for. If you generate passwords of 8 characters with a mix of upper or lower case letters and digits, you get 2.2E14 combinations, equivalent to roughly 47 bits.
HOWEVER, if an attacker knows that you generate your passwords on your Palm, and also knows which application you use to do it, your passwords may be of much poorer quality. If the application uses the SysRandom() function, it likely seeds it first. The seed value is 32 bits, so that immediately reduces your password quality to 32 bits even though it appears to be 47 bits, since the algorithm generating it is based on a 32-bit starting value. With modern desktop processors, a 32-bit quality password could be cracked in a matter of hours. Even worse, if the application derives the seed from the system clock and the attacker knows roughly when the password was generated, then he has a better idea of the seed. Knowing that the password was generated in a given 12 month period further reduces the quality to 24 bits, in a given month to 21 bits, and a week to 19 bits.
So, if you can bypass these weak algorithmic values entirely, your passwords should be of much better quality. If you still do not understand why this hack is useful, then you don’t need it.
Will Existing Applications Be Affected?
If the applications seed SysRandom using something like the system clock, in order to get as good quality randomness as possible, they will work fine, except that they should receive better quality randomness. If they seed it in a particular way they will not get the sequence they expected. An example of this is the game Shisensho. Each game is assigned a “code” which is just the seed for the system generator. Same code = same game. With Entropy Hack loaded, same code = different game.
How Does Entropy Hack Gather Entropy?
Entropy Hack traps user-initiated events such as character entry and pen taps and shovels data associated with each event plus an existing entropy pool through the MD5 secure one-way hash function to generate a new entropy pool. Random numbers are generated similarly – the random pool and a counter is shoveled through MD5 to give random values. Since MD5 is computationally infeasible to reverse, there is no way for an attacker to predict either previous or subsequent values based on current values, without access to the PalmOS device.
The Entropy Hack requires X-Master. It may also work with the original HackMaster, but this has not been tested.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. A copy of the version 2 license can be found in the file “license.txt” in this distribution.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the file license.txt (supplied with this program) for more details.
If Entropy Hack is useful to you or especially if it misbehaves or crashes, please let me know: joat@joat.ca. In the case of a crash, a reproducible test case will be very helpful.