Slashdot Mirror


NIST Updates Random Number Generation Guidelines

An anonymous reader writes: Encryption weighs heavily on the public consciousness these days, as we've learned that government agencies are keeping an eye on us and a lot of our security tools aren't as foolproof as we thought. In response to this, the National Institute of Standards and Technology has issued a formal update to its document on how to properly generate a random number — crucial in many types of encryption. The update (as expected) removes the recommendation for the Dual_EC_DRBG algorithm. It also adds extra options for CTR_DRBG and points out examples for implementing SP 800-90A generators. The full document (PDF) is available online.

3 of 64 comments

  1. Re:Bad RNG will make your crypto predictable by EmeraldBot · Score: 4, Informative

    One of the few poorly understood concepts in software development is that an improperly initialized (called seeding) DRBG will break your crypto. For Linux, and especially for headless systems, use /dev/random for seeding. You want it to block if not enough randomness is available.

    Ehhhh, not always.

    --
    "Set a man a fire, he'll be warm for the rest of the night. Set a man afire, he'll be warm for the rest of his life."
  2. Re:Bad RNG will make your crypto predictable by Copid · Score: 4, Informative

    The classic Schneier Applied Cryptography is a great read for anybody who wants a good starting point on the basic concepts and practical considerations. It's technical-ish but conceptual rather than mathematical and leans toward describing what the various crypto pieces do, why they exist, and what they're used for. To get a good intro to some math, try The Handbook of Applied Cryptography. If you have a little bit of number theory and are willing to do some exercises up front, the book is largely self-contained and very well written. It's free for personal use, but nobody I know regretted buying a hard copy.

    --
    An interesting anagram of "BANACH TARSKI" is "BANACH TARSKI BANACH TARSKI"
  3. Re:Bad RNG will make your crypto predictable by Bruce+Perens · Score: 3, Informative

    Most algorithms to do this use the time between keypresses, measured to very high precision so that the lower bits are chaotic. So it doesn't really matter what keys you hit, and it doesn't matter how rhythmic your typing is.