Skip to main content

How Random is Random Enough For Cryptography?

posted onMay 11, 2015
by l33tdawg

Random numbers in cryptography are key (pun intended). They can be a weak point in a crypto system and, consequently, are frequently the target of attack. So I've been trying to get my head around the subject of randomness.

I was always taught that thermal noise from a diode junction was random, but now -- it seems -- not random enough. Cryptographers inhabit a twilight world where they are always trying to think up possible attack methods by the bad guys and then figuring out ways to defeat them. And it's a good thing that they do, as most people (me included) rely on secure communications for transactions like on-line banking and shopping. But I digress...

Many of the top gurus of cryptography work at the National Institute of Standards and Technology (NIST). This organization published specifications of how to make an apparently random stream of bits suitable for use in encryption. The solution in its specification SP800-90A is to take the bit stream and encrypt it in a machine called a Deterministic Random Bit Generator (DRBG) to create a Random Number Generator (RNG). That makes sense to me.

Source

Tags

Encryption

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th