next up previous contents
Next: Fundamental information theory Up: Generation of random numbers Previous: Generation of random numbers

Introduction

All encryption algorithms, both symmetric and asymmetric, in use today are at some point based on truly random keys. An attacker should not be able to guess what passwords or cryptographic keys are used. The use of pseudo-random processes to generate secret quantities can result in pseudo-security. The sophisticated attacker of these security systems may find it easier to reproduce an approximation of the environment that produced the secret quantities, searching the resulting small set of possibilities, than to locate the quantities in the whole of the number space.

Choosing random quantities to foil a resourceful and motivated adversary is surprisingly difficult. This chapter describes some of the underlying theory and gives examples of possible random number sources.



Asgaut Eng
Wed Apr 10 14:07:30 MET DST 1996