The source of randomness is Go's rand package, so the concrete details depend on the underlying system/environment, e.g.:

  • Linux, FreeBSD: getrandom(2) if available, /dev/urandom otherwise
  • OpenBSD: getentropy(2)
  • Unix-like systems: /dev/urandom
  • Windows: CryptGenRandom API

A version of the TSM based on a platform consisting of Go and BoringCrypto running on Intel hardware is currently in the process of being FIPS-140-3 certified. BoringCrypto is FIPS-140-2 certified, and on an Intel platform the DRBG utilizes RDRAND, which is also FIPS-140-2 certified.

Key Generation

Key generation in the TSM draws upon the described entropy sources at each MPC node. During key generation a node only learns its own share, and the full key is never assembled or available.
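
The property described above can be illustrated with a textbook Shamir-style distributed key generation. This is an added sketch, not the TSM's own protocol or code. It assumes the rand package in question is crypto/rand, uses an illustrative prime field, and the names dealShares and runDKG are hypothetical; share verification and authenticated channels between nodes are left out.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

// Illustrative prime field 2^255 - 19 (an assumption, not a TSM parameter).
var q = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 255), big.NewInt(19))

// dealShares runs locally on one node: it draws a random degree-t polynomial f
// from the OS entropy source and returns only f(1..n), one value per node.
func dealShares(t, n int) ([]big.Int, error) {
	out := make([]big.Int, n) // zero values; out[j] becomes f(j+1)
	for i := 0; i <= t; i++ {
		c, err := rand.Int(rand.Reader, q)
		if err != nil {
			return nil, err // fail closed; never fall back to a weaker source
		}
		for j := range out { // Horner step: out[j] = out[j]*(j+1) + c mod q
			x := big.NewInt(int64(j + 1))
			out[j].Mul(&out[j], x).Add(&out[j], c).Mod(&out[j], q)
		}
	}
	return out, nil
}

// runDKG simulates n nodes in one process. Node j's share is the sum of what
// every dealer sent to j; the key (sum of all f(0)) is never computed.
func runDKG(t, n int) ([]big.Int, error) {
	shares := make([]big.Int, n)
	for dealer := 0; dealer < n; dealer++ {
		sent, err := dealShares(t, n)
		if err != nil {
			return nil, err
		}
		for j := range shares {
			shares[j].Add(&shares[j], &sent[j]).Mod(&shares[j], q)
		}
	}
	return shares, nil
}

func main() {
	shares, err := runDKG(1, 3)
	fmt.Println("shares held:", len(shares), "error:", err)
}
```

Any t+1 of the resulting shares determine the key by interpolation, while t or fewer reveal nothing about it, so the entropy quality at each individual node matters.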