On "randomness"

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Aug 1 01:38:28 EDT 2008

John Denker <jsd at av8n.com> writes:

>  *) At the other extreme, there are many high-stakes business,
>   military, and gambling applications where I would agree with 
>   von Neumann, and would shun absolutely all PRNGs.  I would 
>   rely exclusively on _hardware_ randomness generators, as
>   detailed at:
>      http://www.av8n.com/turbid/

I would never rely *exclusively* on any source because then a failure in your 
exclusive source, no matter how magical it is, will bring down your entire 
system.  Use a hardware RNG if you want to, but also XOR in the output from a 
PRNG, and a block cipher in counter mode, and a MAC of the time.  And apply 
the NIST tests on the data you're using, and on the generator output.  And 
don't forget to do [...].

A good randomness/key generator is more an engineering problem than an 
algorithmic one.
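An added example (not the author's or the list's code) of the combine-and-test design the reply describes: several independent sources XORed together, with the NIST frequency (monobit) test run over the result. Stand-ins are assumptions: os.urandom plays the hardware RNG, HMAC-SHA256 over a counter plays a block cipher in counter mode (the standard library has no AES), HMAC-SHA256 over the clock plays the MAC of the time, and the PRNG term is left out for brevity.

```python
import hashlib
import hmac
import os
import struct
import time
from math import erfc, sqrt

# Assumed stand-ins: os.urandom for the hardware RNG, HMAC-SHA256 over a
# counter for a block cipher in CTR mode, HMAC-SHA256 over the clock for the
# "MAC of the time".  None of this is the original post's code.


def xor_bytes(*chunks: bytes) -> bytes:
    """XOR equal-length byte strings; the result stays unpredictable as long as
    at least one input is, which is why a failed source cannot zero it out."""
    n = len(chunks[0])
    out = bytearray(n)
    for c in chunks:
        if len(c) != n:
            raise ValueError("all sources must supply the same number of bytes")
        for i, b in enumerate(c):
            out[i] ^= b
    return bytes(out)


def ctr_stream(key: bytes, nbytes: int, counter: int = 0) -> bytes:
    """Keystream from a keyed PRF over a running counter (AES-CTR stand-in)."""
    out = b""
    while len(out) < nbytes:
        out += hmac.new(key, struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return out[:nbytes]


def time_mac(key: bytes, nbytes: int, now=None) -> bytes:
    """MAC of the current time, stretched to nbytes via the counter stream."""
    t = struct.pack(">d", time.time() if now is None else now)
    return ctr_stream(hmac.new(key, t, hashlib.sha256).digest(), nbytes)


def combined_random(nbytes: int, ctr_key: bytes, mac_key: bytes,
                    hw_source=os.urandom, now=None) -> bytes:
    """XOR of hardware RNG, CTR keystream and time MAC.  hw_source is
    pluggable so a dead device (e.g. one returning all zeros) can be simulated."""
    return xor_bytes(hw_source(nbytes), ctr_stream(ctr_key, nbytes),
                     time_mac(mac_key, nbytes, now))


def monobit_p_value(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test; p < 0.01 flags the data."""
    bits = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - bits) / sqrt(bits)
    return erfc(s_obs / sqrt(2))
```

Running `monobit_p_value` on a single source that has silently failed (all zeros) returns 0.0, while the same test on `combined_random` with that dead source plugged in still passes, because the other terms carry the output.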


The Cryptography Mailing List