What is HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed and what is it used for?

What is HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed and what is it used for?
johnqgaltAsked:
Who is Participating?
 
20LILY00Commented:
0
 
ometecuhtli2001Commented:
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed is a seed for a cryptographic random number.  There are two ways to generate seeds for random numbers in cryptography:  using hardware and using software.  Hardware-based number generation involves connecting special hardware to the computer, which is dedicated to crypto applications.  This registry key appears to be for the software-based method.  The CSP's or cryptographic service providers are able to use this (for example) when generating a password hash.  If you open up c:\winnt\system32\rsabase.dll and do a search for "crypto" you will come across a reference to HKLM\SOFTWARE\Microsoft\Cryptography\RNG.  This particular DLL is the base cryptographic provider which appears to provide RSA encryption, possibly in support of other CSP's, but don't quote me on that. :-)
0
 
johnqgaltAuthor Commented:
Thank you for your comments. Can you please explain why  HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed is so frequently used by applications which do not even use crypto? For example, opening a simple application like MS Paint or metapad results in 6 or 7 "set value" actions in this key. Why is that?
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
ometecuhtli2001Commented:
I just checked my copy of mspaint.exe (running Windows XP v2002) and I didn't find any occurrence of "crypto" or "seed."  Maybe a DLL it calls does this as part of its initialization routine or there's something wrong with your mspaint.exe (i.e., infection).  As it was, I had to dig hard and deep to even come up with what little info I was able to give you.  This is probably a question for Microsoft support, and quite frankly I'd be very surprised if they had an even halfway satisfactory answer, because the support people probably don't even know and they work for the company that writes the software!  I run Windows 2000 SP4 at work - I'll be sure to check there on Monday.
0
 
ometecuhtli2001Commented:
I just checked mspaint on my work system (Windows 2000 SP4) and there is no mention of crypto, seed or RNG in it.
0
 
johnqgaltAuthor Commented:
Thanks for your followup, ometecuhtli2001. Try running <a href="http://www.sysinternals.com/ntw2k/source/regmon.shtml">regmon</a> and then opening MS Paint (I tested on Windows 2000). It will SetValue 6 or 7 times in that key. I would like to know why.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.