Technical Summary
Security systems are built on strong cryptographic algorithms that
foil pattern analysis attempts. However, the security of these systems
is dependent on generating secret quantities for passwords,
cryptographic keys, and similar quantities. The use of pseudo-random
processes to generate secret quantities can result in
pseudo-security. The sophisticated attacker of these security systems may
find it easier to reproduce the environment that produced the secret
quantities, searching the resulting small set of possibilities, than
to locate the quantities in the whole of the potential number space.

Choosing random quantities to foil a resourceful and motivated
adversary is surprisingly difficult. This document points out many
pitfalls in using traditional pseudo-random number generation
techniques for choosing such quantities. It recommends the use of
truly random hardware techniques and shows that the existing hardware
on many systems can be used for this purpose. It provides suggestions
to ameliorate the problem when a hardware solution is not available.
And it gives examples of how large such quantities need to be for some
applications.
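
Added example, not part of the original document: a Python sketch of the point above, that a 128-bit key drawn from a pseudo-random generator seeded with a guessable value is only as strong as the seed. The one-hour creation window, the timestamps and all function names are assumptions made for illustration.

```python
import math
import random
import secrets


def weak_key(seed: int) -> bytes:
    """128-bit key from a general-purpose PRNG seeded with a guessable value."""
    return random.Random(seed).getrandbits(128).to_bytes(16, "big")


def strong_key() -> bytes:
    """128-bit key taken from the operating system's CSPRNG."""
    return secrets.token_bytes(16)


def effective_bits(candidates: int) -> float:
    """Strength in bits of a secret known to be one of `candidates` values."""
    return math.log2(candidates)


def find_seed(key: bytes, first: int, last: int):
    """Regenerate every key the weak generator could have produced for a
    seed in [first, last]; return the matching seed, or None."""
    for seed in range(first, last + 1):
        if weak_key(seed) == key:
            return seed
    return None


# Constructed sample: the key is known to have been created at some
# whole second inside a one-hour window (assumed values).
WINDOW_START = 1_700_000_000
WINDOW_END = WINDOW_START + 3599
SAMPLE_SEED = WINDOW_START + 1234

if __name__ == "__main__":
    key = weak_key(SAMPLE_SEED)
    size = WINDOW_END - WINDOW_START + 1
    print(f"key length: {len(key) * 8} bits")
    print(f"candidate seeds: {size} (~{effective_bits(size):.1f} bits)")
    print("seed found:", find_seed(key, WINDOW_START, WINDOW_END))
    # A key from the OS CSPRNG is not reproducible from the window.
    print("CSPRNG key matched:", find_seed(strong_key(), WINDOW_START, WINDOW_END))
```

The key is 128 bits long, but every value it can take is reproducible from one of 3600 seeds, so its strength is under 12 bits; the key from the operating system's generator has no such small set to search.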

Working Group Summary
This is an individual submission, and it is not the product of any
IETF Working Group.

Protocol Quality
This document was reviewed by Russell Housley for the IESG.