ID ACTION:draft-ietf-security-randomness-01.txt
Internet-Drafts@CNRI.Reston.VA.US Tue, 05 October 1993 13:32 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa02718; 5 Oct 93 9:32 EDT
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa02694; 5 Oct 93 9:32 EDT
Received: from ietf.cnri.reston.va.us by CNRI.Reston.VA.US id aa02784; 5 Oct 93 9:32 EDT
Received: from ietf.cnri.reston.va.us by IETF.CNRI.Reston.VA.US id aa02634; 5 Oct 93 9:32 EDT
Received: from [127.0.0.1] by IETF.CNRI.Reston.VA.US id aa02459; 5 Oct 93 9:21 EDT
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce:;
X-Orig-Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Internet-Drafts@CNRI.Reston.VA.US
Reply-to: Internet-Drafts@CNRI.Reston.VA.US
Subject: ID ACTION:draft-ietf-security-randomness-01.txt
Date: Tue, 05 Oct 1993 09:21:33 -0400
X-Orig-Sender: cclark@CNRI.Reston.VA.US
Message-ID: <9310050921.aa02459@IETF.CNRI.Reston.VA.US>
A Revised Internet Draft is available from the on-line Internet-Drafts directories. Title : Randomness Requirements for Security Author(s) : D. Eastlake, S. Crocker, J. Schiller Filename : draft-ietf-security-randomness-01.txt Pages : 29 Security systems today are built on increasingly strong cryptographic algorithms that foil pattern analysis attempts. However, the security of these systems is dependent on generating secret quantities for passwords, cryptographic keys, and similar quantities. The use of pseudo-random processes to generate secret quantities can result in pseudo-security. The sophisticated attacker of these security systems will often find it easier to reproduce the environment that produced the secret quantities, searching the resulting small set of possibilities, than to locate the quantities in the whole of the number space. Choosing random quantities to foil a resourceful and motivated attacker is surprisingly difficult. This paper points out many pitfalls in using traditional pseudo-random number generation techniques for choosing such quantities, recommends the use of truly random hardware techniques, provides suggestions to ameliorate the problem when a hardware solution is not available, and gives examples of how large such quantities need to be for some particular applications. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and password "guest". After logging in, Type "cd internet-drafts". "get draft-ietf-security-randomness-01.txt". Internet-Drafts directories are located at: o East Coast (US) Address: ds.internic.net (198.49.45.10) o West Coast (US) Address: ftp.nisc.sri.com (192.33.33.22) o Pacific Rim Address: munnari.oz.au (128.250.1.21) o Europe Address: nic.nordu.net (192.36.148.17) Internet-Drafts are also available by mail. Send a message to: mail-server@nisc.sri.com. In the body type: "SEND draft-ietf-security-randomness-01.txt". For questions, please mail to internet-drafts@cnri.reston.va.us. Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the Internet Draft.
- ID ACTION:draft-ietf-security-randomness-01.txt Internet-Drafts