

Copyright information

© 2004 Springer-Verlag New York, Inc.

Cite this chapter

(2004). Random Number Generation. In: Cryptographic Security Architecture. Springer, New York, NY. https://doi.org/10.1007/0-387-21551-4_6

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-0-387-95387-8

  • Online ISBN: 978-0-387-21551-8
