Diff: RandomNumberGenerator

Differences between version 9 and predecessor to the previous major change of RandomNumberGenerator.


Newer page: version 9, last edited on Thursday, March 25, 2004 10:14:35 pm by StuartYeates
Older page: version 7, last edited on Thursday, March 25, 2004 9:23:55 pm by StuartYeates
@@ -22,4 +22,11 @@
  
 !!! Hybrids 
  
 In [Unix] systems, there's commonly a __/dev/random__ device to access a pseudorandom number generator. This generator, however, includes a twist that lets it generate higher quality random numbers than otherwise expected: its seed is periodically perturbed using using low-level timing information from the network, mouse, keyboard, and possibly other entropy sources, which only the [Kernel] has proper access to. This generator is also a FiniteStateMachine but it has access to unique inputs which are hard to predict and very hard to spy on. The weakness of this approach can be seen by imagining the [Kernel] running as UserModeLinux and the underlying kernel manipulating the value of the ''hardware'' clock---in such a situation it would be possible to force /dev/random to produce the same results repeatedly. It is generally considered a sufficiently good generator for everything except the random numbers to be used in cryptographic suituations PublicKey generation. 
+  
+In [Java] systems, instances of the class __java.security.!SecureRandom__ performs operates in a similar way, and are open to similar attacks. Making instances of this class can take several seconds while the [JVM] tries to russle up entropy.  
+  
+See also: drand48(3), erand48(3), jrand48(3), lrand48(3), mrand48(3), nrand48(3), rand(3), random(3), random(4), srand(3), srand48(3), srandom(3) and urandom(4). RFC:1750  
+  
+----  
+CategoryCryptography
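Review bot: The new Java paragraph says SecureRandom "performs operates in a similar way" and is "open to similar attacks" without saying what the similarity is; since the only mechanism the surrounding text describes is the kernel-reseeded generator behind /dev/random, spell it out, e.g. "__java.security.!SecureRandom__ seeds itself from operating-system entropy (such as __/dev/random__ on [Unix]) and can block for several seconds while the [JVM] gathers that seed material", which also explains the slow construction the paragraph mentions and makes clear that the clock-manipulation weakness applies because the seed comes from the same source. While there, fix the typos in the added lines ("performs operates" to "operates", "russle" to "rustle") and in the unchanged context line above them ("using using", "suituations", and the missing "and" or comma in "cryptographic suituations PublicKey generation"). In the "See also" list, rand(3) and srand(3) are plain pseudorandom generators with no entropy input, so either drop them from this "Hybrids" section or mark them as contrasts; RFC:1750 should be written as a wiki link like the man page references so it renders.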