6.10 References
“Cryptographic Randomness from Air Turbulence in Disk Drives”, Don Davis, Ross Ihaka, and Philip Fenstermacher, Proceedings of Crypto’94, Springer-Verlag Lecture Notes in Computer Science, No.839, 1994.
“Truly Random Numbers”, Colin Plumb, Dr.Dobbs Journal, November 1994, p.113.
“PGP Source Code and Internals”, Philip Zimmermann, MIT Press, 1995.
“Random noise from disk drives”, Rich Salz, posting to cypherpunks mailing list, message-ID 9601230431.AA06742@sulphur.osf.org, 22 January 1996.
“A Practical Secure Physical Random Bit Generator”, Markus Jacobsson, Elizabeth Shriver, Bruce Hillyer, and Ari Juels, Proceedings of the 5th ACM Conference on Computer and Communications Security, 1998, p.103.
“IBM-PC flawless true random number generator”, Nico de Vries, posting to sci.crypt newsgroup, message-ID 2670@accucx.cc.ruu.nl, 18 June 1992.
“My favourite random-numbers-in-software package (unix)”, Matt Blaze, posting to cypherpunks mailing list, message-ID 199509301946.PAA15565@crypto.com, 30 September 1995.
“Using and Creating Cryptographic-Quality Random Numbers”, John Callas, http://www.merrymeet.com/jon/usingrandom.html, 3 June 1996.
“Suggestions for random number generation in software”, Tim Matthews, RSA Data Security Engineering Report, 15 December 1995 (reprinted in RSA Laboratories’ Bulletin No.1, 22 January 1996).
“Applied Cryptography (Second Edition)”, Bruce Schneier, John Wiley and Sons, 1996.
“Cryptographic Random Numbers”, IEEE P1363 Working Draft, Appendix G, 6 February 1997.
“Zufallstreffer”, Klaus Schmeh and Dr. Hubert Uebelacker, c’t, No.14, 1997, p.220.
“Randomness Recommendations for Security”, Donald Eastlake, Stephen Crocker, and Jeffrey Schiller, RFC 1750, December 1994.
“The Art of Computer Programming: Volume 2, Seminumerical Algorithms”, Donald Knuth, Addison-Wesley, 1981.
“Handbook of Applied Cryptography”, Alfred Menezes, Paul van Oorschot, and Scott Vanstone, CRC Press, 1996.
“Exploring Randomness”, Gregory Chaitin, Springer-Verlag, December 2000.
“Foundations of Cryptography: Basic Tools”, Oded Goldreich, Cambridge University Press, August 2001.
“Netscape’s Internet Software Contains Flaw That Jeopardizes Security of Data”, Jared Sandberg, The Wall Street Journal, 18 September 1995.
“Randomness and the Netscape Browser”, Ian Goldberg and David Wagner, Dr.Dobbs Journal, January 1996.
“Breakable session keys in Kerberos v4”, Nelson Minar, posting to the cypherpunks mailing list, message-ID 199602200828.BAA21074@nelson.santafe.edu, 20 February 1996.
“X Authentication Vulnerability”, CERT Vendor-Initiated Bulletin VB-95:08, 2 November 1995.
“glibc resolver weakness”, antirez, posting to the bugtraq mailing list, message-ID 20000503034046.A9579@nagash.marmoc.net, 3 May 2000.
“A Stateful Inspection of FireWall-1”, Thomas Lopatic, John McDonald, and Dug Song, posting to the bugtraq mailing list, message-ID 20000816140955.-5CD7E10865E@naughty.monkey.org, 16 August 2000.
“FWTK, Gauntlet ‘random seed’ security problem”, ‘kadokev’, posting to the bugtraq mailing list, message-ID 19990416203627.15201.qmail@msg.net, 16 April 1999.
“‘Pseudo-random’ Number Generation Within Cryptographic Algorithms: The DDS [sic] Case”, Mihir Bellare, Shafi Goldwasser, and Daniele Micciancio, Proceedings of Crypto’97, Springer-Verlag Lecture Notes in Computer Science No.1294, August 1997, p.276.
“Crypto Blunders”, Steve Burnett, Proceedings of the 2nd Systems Administration and Networking Conference (SANE 2000), Netherlands Unix Users Group, May 2000, p.239 (also available on the CD accompanying “RSA Security’s Official Guide To Cryptography”, Steve Burnett and Stephen Paine, McGraw-Hill, 2001).
“RE: Signature certification”, Ross Anderson, posting to the ukcrypto mailing list, message-ID E14jz1F-0004ld-00@wisbech.cl.cam.ac.uk, 2 April 2001.
“Murphy’s law and computer security”, Wietse Venema, Proceedings of the 6th Usenix Security Symposium, July 1996, p.187.
“Internet Gambling Software Flaw Discovered by Reliable Software Technologies Software Security Group”, Reliable Software Technologies, http://www.rstcorp.com/news/gambling.html, 1 September 1999.
“A sure bet: Internet gambling is loaded with risks”, Ann Kellan, CNN news story, 3 September 1999.
“Re: New standart for encryption software”, Albert P.Belle Isle, posting to the sci.crypt newsgroup, message-ID v8e3asks612a3iu8pmr5677uhfes7gupun@4ax.com, 9 February 2000.
“Key Generation Security Flaw in PGP 5.0”, Germano Caronni, posting to the coderpunks mailing list, message-ID 20000523141323.A28431@olymp.org, 23 May 2000.
“Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator”, John Kelsey, Bruce Schneier, and Niels Ferguson, Proceedings of the 6th Annual Workshop on Selected Areas in Cryptography (SAC’99), Springer-Verlag Lecture Notes in Computer Science, No.1758, August 1999, p.13.
“Proper Initialisation for the BSAFE Random Number Generator”, Robert Baldwin, RSA Laboratories’ Bulletin, No.3, 25 January 1996.
“Security Requirements for Cryptographic Modules”, FIPS PUB 140-2, National Institute of Standards and Technology, July 2001.
“Cryptanalytic Attacks on Pseudorandom Number Generators”, John Kelsey, Bruce Schneier, David Wagner, and Chris Hall, Proceedings of the 5th Fast Software Encryption Workshop (FSE’98), Springer-Verlag Lecture Notes in Computer Science, No.1372, March 1998, p.168.
“RSAREF Cryptographic Library, Version 1.0”, RSA Laboratories, February 1992.
“Preliminary Analysis of the BSAFE 3.x Pseudorandom Number Generators”, Robert Baldwin, RSA Laboratories’ Bulletin No.8, 3 September 1998.
“American National Standard for Financial Institution Key Management (Wholesale)”, American Bankers Association, 1985.
“SFS — Secure FileSystem”, Peter Gutmann, http://www.cs.auckland.ac.nz/~pgut001/sfs.html.
“GnuPG PRNG insecure?”, Stefan Keller, posting to the gnupg-devel mailing list, message-ID 20020207200603.A28608@harry.cs.tu-berlin.de, 7 February 2002.
“SSH — Secure Login Connections over the Internet”, Tatu Ylönen, Proceedings of the 6th Usenix Security Symposium, July 1996, p.37.
“The SSL Protocol”, Alan Freier, Philip Karlton, and Paul Kocher, Netscape Communications Corporation, March 1996.
“RFC 2246, The TLS Protocol, Version 1.0”, Tim Dierks and Christopher Allen, January 1999.
“SSL and TLS Essentials”, Stephen Thomas, John Wiley and Sons, 2000.
“OpenSSL Security Advisory: PRNG weakness in versions up to 0.9.6a”, Bodo Moeller, posting to the bugtraq mailing list, 10 July 2001, message-ID 20010710130317.A1949@openssl.org.
“Non-biased pseudo random number generator”, Matthew Thomlinson, Daniel Simon, and Bennet Yee, US Patent No.5,778,069, 7 July 1998.
“Writing Secure Code”, Michael Howard and David LeBlanc, Microsoft Press, 2002.
“A Class of Weak Keys in the RC4 Stream Cipher”, Andrew Roos, posting to sci.crypt.research newsgroup, message-ID 43vf2e$sr8@net.auckland.ac.nz, 22 September 1995.
“Re: is RC4 weak for the first few K?”, Paul Kocher, posting to sci.crypt newsgroup, message-ID pckE035up.4y1@netcom.com, 30 October 1996.
“Disclosures of Weaknesses in RC4 (Re: RC4 Weaknesses?)”, Ian Farquhar, posting to sci.crypt newsgroup, message-ID 329A242A.41C6@sydney.sgi.com, 26 November 1996.
“Iterative Probabilistic Cryptanalysis of RC4 Keystream Generator”, Jovan Golić, Proceedings of the 5th Australasian Conference on Information Security and Privacy (ACISP’00), Springer-Verlag Lecture Notes in Computer Science, No.1841, July 2000, p.220.
“Linear Statistical Weakness of Alleged RC4 Keystream Generator”, Jovan Golić, Proceedings of Eurocrypt’97, Springer-Verlag Lecture Notes in Computer Science, No.1233, May 1997, p.226.
“Cryptanalysis of RC4-like Ciphers”, Serge Mister and Stafford Tavares, Proceedings of the 5th Annual Workshop on Selected Areas in Cryptography (SAC’98), Springer-Verlag Lecture Notes in Computer Science, No.1556, August 1998, p.131.
“Statistical Analysis of the Alleged RC4 Keystream Generator”, Scott Fluhrer and David McGrew, Proceedings of the 7th Fast Software Encryption Workshop (FSE 2000), Springer-Verlag Lecture Notes in Computer Science, No.1978, April 2000, p.19.
“A Practical Attack on Broadcast RC4”, Itsik Mantin and Adi Shamir, Proceedings of the 8th Fast Software Encryption Workshop (FSE 2001), Springer-Verlag Lecture Notes in Computer Science, No.2355, April 2001, p.152.
“(Not So) Random Shuffles of RC4”, Ilya Mironov, Proceedings of Crypto 2002, Springer-Verlag Lecture Notes in Computer Science, to appear.
“CAPSTONE (MYK-80) Specifications”, R21 Informal Technical Report R21-TECH-30-95, National Security Agency, 14 August 1995.
“Intel 82802 Firmware Hub: Random Number Generator Programmer’s Reference Manual”, Intel Corporation, December 1999.
“The Intel Random Number Generator”, Benjamin Jun and Paul Kocher, Cryptography Research Inc white paper, 22 April 1999.
“Alternating Step Generators Controlled by de Bruijn Sequences”, Christoph Günther, Proceedings of Eurocrypt’97, Springer-Verlag Lecture Notes in Computer Science, No.304, April 1987, p.5.
“An attack on the last two rounds of MD4”, Bert den Boer and Antoon Bosselaers, Proceedings of Crypto’91, Springer-Verlag Lecture Notes in Computer Science, No.576, December 1991, p.194.
“The First Two Rounds of MD4 are Not One-Way”, Hans Dobbertin, Proceedings of Fast Software Encryption’98 (FSE’98), Springer-Verlag Lecture Notes in Computer Science, No.1372, March 1998, p.284.
“The Status of MD5 After a Recent Attack”, Hans Dobbertin, CryptoBytes, Vol.2, No.2 (Summer 1996), p.1.
“On Recent Results for MD2, MD4 and MD5”, Matt Robshaw, RSA Laboratories Bulletin, No.4, November 1996.
“Formula 1 Technology”, Nigel McKnight, Hazelton Publishing, 1998.
“Prudent engineering practice for cryptographic protocols”, Martin Abadi and Roger Needham, IEEE Transactions on Software Engineering, Vol.22, No.1 (January 1996), p.2. Also in Proceedings of the 1994 IEEE Symposium on Security and Privacy, May 1994, p.122.
“Statistical Testing of Random Number Generators”, Juan Soto, Proceedings of the 22nd National Information Systems Security Conference (formerly the National Computer Security Conference), October 1999, CDROM distribution.
“Transaction Processing: Concepts and Techniques”, Jim Gray and Andreas Reuter, Morgan Kaufmann, 1993.
“Atomic Transactions”, Nancy Lynch, Michael Merritt, William Weihl, and Alan Fekete, Morgan Kaufmann, 1994.
“Principles of Transaction Processing”, Philip Bernstein and Eric Newcomer, Morgan Kaufmann Series in Data Management Systems, January 1997.
“Re: A history of Netscape/MSIE problems”, Phillip Hallam-Baker, posting to the cypherpunks mailing list, message-ID 3238962F.1372@ai.mit.edu, 12 September 1996.
“Re: Problem Compiling OpenSSL for RSA Support”, David Hesprich, posting to the openssl-dev mailing list, 5 March 2000.
“Re: “PRNG not seeded” in Window NT”, Pablo Royo, posting to the openssl-dev mailing list, 4 April 2000.
“Re: PRNG not seeded ERROR”, Carl Douglas, posting to the openssl-users mailing list, 6 April 2001.
“Bug in 0.9.5 + fix”, Elias Papavassilopoulos, posting to the openssl-dev mailing list, 10 March 2000.
“Re: setting random seed generator under Windows NT”, Amit Chopra, posting to the openssl-users mailing list, 10 May 2000.
“1 RAND question, and 1 crypto question”, Brian Snyder, posting to the openssl-users mailing list, 21 April 2000.
“Re: unable to load ‘random state’ (OpenSSL 0.9.5 on Solaris)”, Theodore Hope, posting to the openssl-users mailing list, 9 March 2000.
“RE: having trouble with RAND_egd()”, Miha Wang, posting to the openssl-users mailing list, 22 August 2000.
“Re: How to seed before generating key?”, ‘jas’, posting to the openssl-users mailing list, 19 April 2000.
“Re: “PRNG not seeded” in Windows NT”, Ng Pheng Siong, posting to the openssl-dev mailing list, 6 April 2000.
“Re: Bug relating to /dev/urandom and RAND_egd in libcrypto.a”, Louis LeBlanc, posting to the openssl-dev mailing list, 30 June 2000.
“Error message: random number generator:SSLEAY_RAND_BYTES / possible solution”, Michael Hynds, posting to the openssl-dev mailing list, 7 May 2000.
“Re: Unable to load ‘random state’ when running CA.pl”, Corrado Derenale, posting to the openssl-users mailing list, 2 November 2000.
“OpenSSL Frequently Asked Questions”, http://www.openssl.org/support/faq.html.
“A Universal Algorithm for Sequential Data-Compression”, Jacob Ziv and Abraham Lempel, IEEE Transactions on Information Theory, Vol.23, No.3 (May 1977), p.337.
“Compression of Individual Sequences via Variable-Rate Coding”, Jacob Ziv and Abraham Lempel, IEEE Transactions on Information Theory, Vol.24, No.5 (September 1978), p.530.
“Practical Dictionary/Arithmetic Data Compression Synthesis”, Peter Gutmann, MSc thesis, University of Auckland, 1992.
“Compression, Tests for Randomness and Estimation of the Statistical Model of an Individual Sequence”, Jacob Ziv, in “Sequences”, Springer-Verlag, 1988, p.366.
“Ziv-Lempel Complexity for Periodic Sequences and its Cryptographic Application”, Sibylle Mund, Proceedings of Eurocrypt’91, Springer-Verlag Lecture Notes in Computer Science, No.547, April 1991, p.114.
“A Universal Statistical Test for Random Bit Generators”, Ueli Maurer, Proceedings of Crypto’90, Springer-Verlag Lecture Notes in Computer Science, No.537, 1991, p.409.
“An accurate evaluation of Maurer’s universal test”, Jean-Sébastian Coron and David Naccache, Proceedings of the 5th Annual Workshop on Selected Areas in Cryptography (SAC’98), Springer-Verlag Lecture Notes in Computer Science, No.1556, August 1998, p.57.
“Random Number Testing and Generation”, http://csrc.nist.gov/rng/.
“Crypt-X’98”, http://www.isrc.qut.edu.au/cryptx/.
“Secure deletion of data from magnetic and solid-state memory”, Peter Gutmann, Proceedings of the 6th Usenix Security Symposium, July 1996, p.7.
“Data Remanence in Semiconductor Devices”, Peter Gutmann, Proceedings of the 10th Usenix Security Symposium, August 2001, p.39.
“Advanced Windows (third edition)”, Jeffrey Richter, Microsoft Press, 1997.
“Developing Windows NT Device Drivers: A Programmer’s Handbook”, Edward Dekker and Joseph Newcomer, Addison-Wesley, April 1999.
“On the importance of securing your bins: The garbage-man-in-the-middle attack”, Marc Joye and Jean-Jacques Quisquater, Proceedings of the 4th ACM Conference on Computer and Communications Security (CCS’97), April 1997, p.135.
Copyright information
© 2004 Springer-Verlag New York, Inc.
About this chapter
Cite this chapter
(2004). Random Number Generation. In: Cryptographic Security Architecture. Springer, New York, NY. https://doi.org/10.1007/0-387-21551-4_6
DOI: https://doi.org/10.1007/0-387-21551-4_6
Publisher Name: Springer, New York, NY
Print ISBN: 978-0-387-95387-8
Online ISBN: 978-0-387-21551-8
eBook Packages: Springer Book Archive