RFC 1750:Randomness Recommendations for Security
RFC-Ref
Previous
|
Next
Frontpage
|
Contents
|
Keywords
Randomness Recommendations for Security
1. Introduction
2. Requirements
3. Traditional Pseudo-Random Sequences
4. Unpredictability
4.1. Problems with Clocks and Serial Numbers
4.2. Timing and Content of External Events
4.3. The Fallacy of Complex Manipulation
4.4. The Fallacy of Selection from a Large Database
5. Hardware for Randomness
5.1. Volume Required
5.2. Sensitivity to Skew
5.2.1. Using Stream Parity to De-Skew
5.2.2. Using Transition Mappings to De-Skew
5.2.3. Using FFT to De-Skew
5.2.4. Using Compression to De-Skew
5.3. Existing Hardware Can Be Used For Randomness
5.3.1. Using Existing Sound/Video Input
5.3.2. Using Existing Disk Drives
6. Recommended Non-Hardware Strategy
6.1. Mixing Functions
6.1.1. A Trivial Mixing Function
6.1.2. Stronger Mixing Functions
6.1.3. Diffie-Hellman as a Mixing Function
6.1.4. Using a Mixing Function to Stretch Random Bits
6.1.5. Other Factors in Choosing a Mixing Function
6.2. Non-Hardware Sources of Randomness
6.3. Cryptographically Strong Sequences
6.3.1. Traditional Strong Sequences
6.3.2. The Blum Blum Shub Sequence Generator
7. Key Generation Standards
7.1. US DoD Recommendations for Password Generation
7.2. X9.17 Key Generation
8. Examples of Randomness Required
8.1. Password Generation
8.2. A Very High Security Cryptographic Key
8.2.1. Effort per Key Trial
8.2.2. Meet in the Middle Attacks
8.2.3. Other Considerations
9. Conclusion
10. Security Considerations
11. References
12. Authors' Addresses
Previous
|
Next
Frontpage
|
Contents
|
Keywords
Web
RFC-Ref
RFC-Ref.org
Frontpage
Global Index
RFC
Sister Sites
Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org
