Entropy Assessment of Windows OS Performance Counters

Abstract

The security of many cryptographic constructions depends on random number generators for providing unpredictable keys, nonces, initialization vectors and other parameters. Modern operating systems implement cryptographic pseudo-random number generators (PRNGs) to fulfill this need. Performance counters and other system parameters are often used as a low-entropy source to initialize (seed) the generators. We perform an experiment to analyze all performance counters in standard installation of Microsoft Windows 7 operating system, and assess their suitability as entropy sources. Besides selecting top 19 counters, we analyze their mutual information (independence) as well as robustness in the virtual environment. Final selection contains 14 counters with sufficient overall entropy for practical applications.