RSACryptoServiceProvider - where does the seed data is being generated?

Question

I have the following code that generates public and private keys using RSA.

// generate RSA 1024
                using (var rsa = new RSACryptoServiceProvider(1024))
                {
                    var publicString = RSACryptoService.ExportPublicKeyNoHeaderFooter(rsa);
                    var privateString = RSACryptoService.ExportPrivateKey(rsa);

                    rsaKey = Convert.FromBase64String(publicString);
                }

My question is on how does RSACryptoServiceProvider generates everytime a random one, does it uses kind of a seed that is based on hardware or on timestamp?

Answer 1

how does RSACryptoServiceProvider generate a random seed? is it based on hardware or on timestamp?

It depends on what hardware is available and what operating system you're running on. If you're running on Windows, the entropy for the seed can come from several sources:

• There may be hardware on the machine dedicated to producing crypto-strength randomness. See https://en.wikipedia.org/wiki/Trusted_Platform_Module

• The hardware/firmware that controls the boot sequence -- what we used to call the BIOS -- may provide crypto services. See https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface.

• Modern Intel and AMD CPUs have a random number generating instruction that gets randomness from the hardware. See https://en.wikipedia.org/wiki/RDRAND

• Modern chips usually have a high-precision clock; the lower bits of it can be used as a source of entropy.

• If none of the above is available, Windows can fall back to the old fashioned approach of using keyboard timings, disk timings, mouse timings, and so on, as sources of entropy.