Data Protection and Security |
||||||
I |
Secret Key Cryptography |
|||||
I.IV |
Random Number Generators |
|||||
 |
||||||
In order to generate keys, initialization vectors, etc. needed in cryptographic protocols, a source of random bits unpredictable for any adversary is needed. The highly deterministic nature of computing environments makes finding secure random numbers a non-trivial and often neglected problem. There is an important distinction between random and pseudorandom. Random number generators truly generate numbers unpredictably, which can be done with dedicated hardware e.g. with an hardware that measures the low order bits of a counter counting the number of radioactivity particles per unit time. However most computers do not have this kind of special hardware. Therefore, for them the only possibility left is to generate numbers pseudorandomly. A pseudorandom generator is a deterministic algorithm. The entire sequence it will generate is determined by the initial seed value. Fortunately, if this seed value is adequately unguessable, the generated sequence can be as good as the output of a random number generator. A pseudorandom generator using a hash function generates random numbers (R’s) as follows: R1= h(seed) R2 = h(seed, R1) ... Rn = h(seed, Rn-1) Therefore, seeding the generator is the most important issue. Just like the key length of symmetric ciphers or the output length of hash functions, size of the space the seed value should be chosen from is crucial in order to prevent exhaustive search attacks. A number of such alternatives is as follows.
Finally, it is a good practice to XOR the results of different sources of randomness to get a better random number (it is at least as secure as the output of the best random number generator). |
||||||
|
||||||
|
||||||
|
concepts » | |||||