As to the background and object underlying the present invention, it is to be explained that cryptographic functions need random numbers. These random numbers are also called nonces. To generate random numbers, a certain seed is often used to initialize a random number generator. From this seed, multiple random numbers are generated until the seed is exhausted and a new seed is needed.
A seed is defined as an integer, used to set the starting point for generating a series of random numbers. The seed sets the generator to a random starting point. A unique seed returns a unique random number sequence.
This seed or random number is used, e.g., in the encryption of network traffic such as SSL (Secure Sockets Layer), which is now called TLS (Transport Layer Security), and in IPsec (Internet Protocol Security), to mention only the most important protocols.
The Diffie-Hellman key exchange is also based on random numbers. When an attacker knows the random numbers, he can decrypt the encrypted messages and also tamper with the messages.
When there is a weak random seed, meaning the random generator has only little entropy, an attacker can narrow down the possible random numbers and so can mount a brute-force attack against the random numbers, meaning he tries all possible random numbers to hack the data, i.e. to decrypt the encrypted data.
Entropy is a measure of unpredictability of information content. More about random numbers and seeds can be found in the publication RFC 4086, “Randomness Requirements for Security” of Eastlake et al., Motorola Laboratories, © The Internet Society 2005.
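The effect of a weak seed described above can be measured directly. The following is an added example, not part of the original document: the toy generator expand_seed, the helper names, the start-time seed and the one-hour window are all assumptions constructed for illustration. It shows that 128-bit nonces derived from a seed with only 3600 possible values carry about 11.8 bits of entropy and are fully reproduced by exhaustive search, whereas a 128-bit seed from the operating system is not found.

```python
import hashlib
import math
import secrets
from typing import Optional

def expand_seed(seed: int, count: int = 4, size: int = 16) -> list:
    """Toy deterministic generator (constructed, not a standardized DRBG):
    derives `count` nonces of `size` bytes from one integer seed."""
    seed_bytes = seed.to_bytes(16, "big")
    return [hashlib.sha256(seed_bytes + i.to_bytes(4, "big")).digest()[:size]
            for i in range(count)]

def seed_entropy_bits(candidates: int) -> float:
    """Entropy upper bound for a seed drawn uniformly from `candidates` values."""
    return math.log2(candidates)

def recover_seed(first_nonce: bytes, candidates: range) -> Optional[int]:
    """Exhaustive search: return the candidate seed that reproduces the nonce."""
    for seed in candidates:
        if expand_seed(seed, count=1)[0] == first_nonce:
            return seed
    return None

def demo() -> dict:
    # Weak seed (constructed): application start time in seconds, which an
    # observer can narrow to a one-hour window, leaving only 3600 candidates.
    window = range(1_700_000_000, 1_700_000_000 + 3600)
    weak_nonces = expand_seed(1_700_001_234)
    found = recover_seed(weak_nonces[0], window)
    # Strong seed: 128 bits from the operating system's CSPRNG.
    strong_nonces = expand_seed(secrets.randbits(128))
    return {
        "weak_bits": seed_entropy_bits(len(window)),
        "recovered_seed": found,
        # Knowing the seed reproduces every later nonce, not just the first.
        "later_nonces_predicted": expand_seed(found) == weak_nonces,
        "strong_bits": seed_entropy_bits(2 ** 128),
        "strong_recovered": recover_seed(strong_nonces[0], window),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The length of the generated nonces does not matter here: the unpredictability of every output is bounded by the entropy of the seed.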
For computer applications which want to use encrypted network traffic, it is common practice that the seed is generated at the time when the application is started. The same is also true for servers serving multiple clients. Only when the seed is exhausted, meaning a certain pre-defined number of unique random numbers have been generated, does the application need to generate a new seed. This is called re-seeding.
Computers are machines which do the same thing in the same way every time they do it. So, as a computer executes a program in the same way every time the program runs, it is not trivial to generate a random number or seed with a computer.
The book Bovet, Daniel P., “Understanding the Linux Kernel” of Nov. 17, 2005 explains a function SA_SAMPLE_RANDOM. Accordingly, the device may be considered a source of events that occur randomly; it can thus be used by the kernel random number generator. Users can access this feature by taking random numbers from the /dev/random and /dev/urandom device files. So the Linux kernel derives random numbers and seeds from interrupts and network traffic.
To obtain a random number or seed, multiple sources can be used so as to obtain a seed with high entropy. When a computer is started, processes needing random numbers should not need to wait a long time for a seed with high entropy to be obtained. In order to keep this time short, a number of external entropy sources can be combined.
As concerns prior art documents, US 2008/0189356 A1 discloses a broad variety of entropy sources which are said to be poor, like the combination of inter-keystroke timings, mouse-coordinate deltas or inter-interrupt timing values on a local machine. To improve the situation, this publication proposes to use further entropy sources based on network interface parameters, like a packet length, an amount of time between receipt of packets, the rate of collisions of packets or the like, wherein the packets are interchanged by wired, wireless or combined connection techniques.
Further publications, like US 2015/082425 A1; CHERKAOUI ABDELKARIM ET AL: “A Very Speed True Random Number Generator with Entropy Assessment”, Aug. 20, 2013, Correct System Design, SPRINGER INTERNATIONAL PUBLISHING, CHAM, pages 179-196, XP047036750, ISSN: 0302-9743, ISBN: 978-3-642-36616-1; VLADISLAV PETKOV ET AL: “Characterizing per-application network traffic using entropy”, ACM TRANSACTIONS ON MODELING AND COMPUTER SIMULATION, ACM, NEW YORK, N.Y., US, vol. 23, no. 2, 10 May 2013, pages 1-25, XP058018270, ISSN: 1049-3301, DOI: http://dx.doi.org/10.1145/2457459.24574463; and US 2010/023749 A1
are to be cited as technological background, as they disclose a very broad variety of entropy sources but are silent about the basic entropy source of the invention described in the following.