NIST Updates Random Number Generation Guidelines

An anonymous reader writes: Encryption weighs heavily on the public consciousness these days, as we've learned that government agencies are keeping an eye on us and a lot of our security tools aren't as foolproof as we've thought. In response to this, the National Institute of Standards and Technology has issued a formal update to its document on how to properly generate a random number — crucial in many types of encryption. The update (as expected) removes a recommendation for the Dual_EC_DRBG algorithm. It also adds extra options for CTR_DRBG and points out examples for implementing SP 800-90A generators. The full document (PDF) is available online.

Re:Bad RNG will make your crypto predictable

[EmeraldBot]

One of they few poorly understood concepts in software development is that improperly initialized (called seeding) DRBG will break your crypto. For Linux, and especially for headless systems, use /dev/random for seeding. You want it to block if not enough randomness available.

Ehhhh, not always.

Re:Bad RNG will make your crypto predictable

[Copid]

The classic Schneier Applied Cryptography is a great read for anybody who wants a good starting point on the basic concepts and practical considerations. It's technical-ish but conceptual rather than mathematical and leans toward describing what the various crypto pieces do, why they exist, and what they're used for. To get a good intro to some math, try The Handbook of Applied Cryptography. If you have a little bit of number theory and are willing to do some exercises up front, the book is largely self-contained and very well written. It's free for personal use, but nobody I know regretted buying a hard copy.