
Randomness Requirements for Security (RFC4086)

IP.com Disclosure Number: IPCOM000125500D
Original Publication Date: 2005-Jun-01
Included in the Prior Art Database: 2005-Jun-04

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Eastlake: AUTHOR


This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 3% of the total text.

Network Working Group                                   D. Eastlake, 3rd
Request for Comments: 4086                         Motorola Laboratories
BCP: 106                                                     J. Schiller
Obsoletes: 1750                                                      MIT
Category: Best Current Practice                               S. Crocker
                                                               June 2005

                  Randomness Requirements for Security

Status of This Memo

   This document specifies an Internet Best Current Practices for the
   Internet Community, and requests discussion and suggestions for
   improvements.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   Security systems are built on strong cryptographic algorithms that
   foil pattern analysis attempts.  However, the security of these
   systems is dependent on generating secret quantities for passwords,
   cryptographic keys, and similar quantities.  The use of pseudo-random
   processes to generate secret quantities can result in pseudo-
   security.  A sophisticated attacker may find it easier to reproduce
   the environment that produced the secret quantities and to search the
   resulting small set of possibilities than to locate the quantities in
   the whole of the potential number space.

   Choosing random quantities to foil a resourceful and motivated
   adversary is surprisingly difficult.  This document points out many
   pitfalls in using poor entropy sources or traditional pseudo-random
   number generation techniques for generating such quantities.  It
   recommends the use of truly random hardware techniques and shows that
   the existing hardware on many systems can be used for this purpose.
   It provides suggestions to ameliorate the problem when a hardware
   solution is not available, and it gives examples of how large such
   quantities need to be for some applications.

Eastlake, et al.            Standards Track                     [Page 1]
RFC 4086         Randomness Requirements for Security          June 2005


Table of Contents

   1. Introduction and Overview .......................................3
   2. General Requirements ............................................4
   3. Entropy Sources .................................................7
      3.1. Volume Required ............................................7
      3.2. Existing Hardware Can Be Used For Randomness ...............8
           3.2.1. Using Existing Sound/Video Input ....................8
  ...