[mike-cardwell]

Others have explained why it's not possible to create a good software random number generator. Hardware RNGs don't just provide a much better quality stream of random data, they also provide a much higher quantity of it. I just generate a GnuPG 2048 bit keypair by running "gpg --gen-key" on my laptop. It took over 11 minutes to gather enough entropy to build the key. I then plugged my Entropy Key into the laptop and repeated the process. This time it took less than 2 seconds.

[tptacek]

What kind of laptop is this? We generate 2048 bit keys all the time with GPG. It's never taken 11 minutes. I just generated one in under 5 seconds.

[mike-cardwell]

A Lenovo Thinkpad T420 with an Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz, 8GB of RAM and an SSD. It's running Ubuntu 10.04, GnuPG 2.0.14, and a 3.2.0 Linux kernel.

The laptop was relatively idle when the test was being run.

It's worth noting that when you do a --gen-key it does output the message:

"We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilise the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy."

I can't imagine it would state that if "5 seconds" was anything like normal. Perhaps you have some sort of additional source of entropy which you don't know about.