On the "randomness" of DNS
Dirk-Willem van Gulik
dirkx at webweaving.org
Wed Jul 30 18:13:43 EDT 2008
On 30 Jul 2008, at 19:57, Pierre-Evariste Dagand wrote:
>> But just how GREAT is that, really? Well, we don'
>> t know. Why? Because there isn't actually a way test for
>> randomness. Your
>> DNS resolver could be using some easily predicted random number
>> generator
>> like, say, a linear congruential one, as is common in the rand()
>> library
>> function, but DNS-OARC would still say it was GREAT. Believe them
>> when they
>> say it isn't GREAT, though!
>
> Well, they are some tests to judge the "quality" of a random number
> generator. The best known being the Diehard tests:
>
> http://en.wikipedia.org/wiki/Diehard_tests
> http://stat.fsu.edu/pub/diehard/
>
> For sure, these tests might be an overkill here. Also, there must be
> some tests in the Art of Computer Programming too but I don't have it
> at hand right now (shame on me).
>
> I don't see the point of evaluating the quality of a random number
> generator by statistical tests. But I might be wrong, though.
Sorry - but something like AES(static-key) encrypt of i++ or SHA1(i++)
will pass each and everyone of those test very nicely - but with a bit
of code or silicon peeking - one can probably 'break' this with
relative ease.
I fail to see how you could evaluate this without seeing the code (and
even then - I doubt that one can properly do this -- the ?old? NSA
habit of tweaking your random generated rather than your protocol/
algorithm when they wanted your produced upgraded to export quality -
is terribly effective and very hard to spot).
Or am I missing something ?
Dw
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list