ID ACTION:draft-ietf-security-randomness-01.txt

Internet-Drafts@CNRI.Reston.VA.US Tue, 05 October 1993 13:32 UTC

Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce:;
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Internet-Drafts@CNRI.Reston.VA.US
Reply-to: Internet-Drafts@CNRI.Reston.VA.US
Subject: ID ACTION:draft-ietf-security-randomness-01.txt
Date: Tue, 05 Oct 1993 09:21:33 -0400
Message-ID: <9310050921.aa02459@IETF.CNRI.Reston.VA.US>

A Revised Internet Draft is available from the on-line Internet-Drafts 
directories.                                                               

       Title     : Randomness Requirements for Security                    
       Author(s) : D. Eastlake, S. Crocker, J. Schiller
       Filename  : draft-ietf-security-randomness-01.txt
       Pages     : 29

Security systems today are built on increasingly strong cryptographic 
algorithms that foil pattern analysis attempts. However, the security of 
these systems is dependent on generating secret quantities for passwords, 
cryptographic keys, and similar quantities.  The use of pseudo-random 
processes to generate secret quantities can result in pseudo-security.  The
sophisticated attacker of these security systems will often find it easier 
to reproduce the environment that produced the secret quantities, searching
the resulting small set of possibilities, than to locate the quantities in 
the whole of the number space.                              

Choosing random quantities to foil a resourceful and motivated attacker 
is surprisingly difficult.  This paper points out many pitfalls in using 
traditional pseudo-random number generation techniques for choosing such 
quantities, recommends the use of truly random hardware techniques, 
provides suggestions to ameliorate the problem when a hardware solution 
is not available, and gives examples of how large such quantities need 
to be for some particular applications.                                              

Internet-Drafts are available by anonymous FTP.  Login with the	
username "anonymous" and password "guest".  After logging in,
Type "cd internet-drafts".
     "get draft-ietf-security-randomness-01.txt".
 
Internet-Drafts directories are located at:	
	                                                
     o  East Coast (US)                          
        Address:  ds.internic.net (198.49.45.10)	
	                                                
     o  West Coast (US)                          
        Address:  ftp.nisc.sri.com (192.33.33.22)
							
     o  Pacific Rim                              
        Address:  munnari.oz.au (128.250.1.21)	
	                                                
     o  Europe                                   
        Address:  nic.nordu.net (192.36.148.17)	
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mail-server@nisc.sri.com. In the body type: 
     "SEND draft-ietf-security-randomness-01.txt".
							
For questions, please mail to internet-drafts@cnri.reston.va.us.
							

Below is the data which will enable a MIME compliant Mail Reader 
implementation to automatically retrieve the ASCII version
of the Internet Draft.

ftp://ds.internic.net/internet-drafts/draft-ietf-security-randomness-01.txt"><ftp://ds.internic.net/internet-drafts/draft-ietf-security-randomness-01.txt>

ID ACTION:draft-ietf-security-randomness-01.txt Internet-Drafts