@techreport{eastlake-randomness3-00,
    number =    {draft-eastlake-randomness3-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-eastlake-randomness3/00/},
    author =    {Donald E. Eastlake 3rd and Steve Crocker and Charlie Kaufman and Jeffrey I. Schiller},
    title =     {{Randomness Requirements for Security}},
    pagetotal = 53,
    year =      2013,
    month =     nov,
    day =       5,
    abstract =  {Security systems are built on strong cryptographic algorithms that foil pattern analysis attempts. However, the security of these systems is dependent on generating secret quantities for passwords, cryptographic keys, and similar values. The use of pseudo-random processes to generate secret quantities can result in pseudo- security. For example, the sophisticated attacker of these security systems may find it easier to reproduce the environment that produced the secret quantities, searching a resulting small set of possibilities, than to locate the quantities in the whole of the potential number space. Choosing random quantities to foil a resourceful and motivated adversary can be surprisingly difficult. This document points out many pitfalls in using poor entropy sources or traditional pseudo- random number generation techniques for generating such quantities. It recommends the use of multiple sources with a strong mixing function, so that no single source need be fully trusted, and provides techniques for extending a random seed to a larger quantity of pseudo-random material in a cryptographically secure way. And it gives examples of how large such quantities need to be for some applications. This document obsoletes RFC 4086.},
}