Randomness Recommendations for Security

Eastlake, rd D.; Crocker, Stephen; Schiller, Jeffrey I.

doi:10.17487/rfc1750

Cited by 125 publications

(76 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The nonces should be generated by using a random number generator that is known to have good randomness properties [1]. A correspondent node may use the same Kcn and nonce with all the mobiles it is in communication with.…”

Section: Noncesmentioning

confidence: 99%

Mobility Support in IPv6

Johnson¹,

Perkins²,

Arkko³

2004

2,306

2,236

View full text Add to dashboard Cite

Section: Noncesmentioning

confidence: 99%

Mobility Support in IPv6

Johnson¹,

Perkins²,

Arkko³

2004

2,306

2,236

View full text Add to dashboard Cite

“…and/or a non-hardware source (e.g., the timing and content of events such as mouse movement, keystroke, network traffic, etc.) [20,31].…”

Section: Introductionmentioning

confidence: 99%

“…For example, if an adversary has physical access to a hardware source and/or can control the events of a non-hardware source [20], the adversary may be able to manipulate the data in the entropy pool. Also, in some operating systems such as Linux, random data from the entropy pool may be pre-generated and stored in a buffer for later use.…”

Section: Introductionmentioning

confidence: 99%

Authenticated Key Exchange under Bad Randomness

Yang

Duan

Wong

et al. 2012

Financial Cryptography and Data Security

View full text Add to dashboard Cite

Abstract. We initiate the formal study on authenticated key exchange (AKE) under bad randomness. This could happen when (1) an adversary compromises the randomness source and hence directly controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions due to reset attacks. We construct two formal security models, Reset-1 and Reset-2, to capture these two bad randomness situations respectively, and investigate the security of some widely used AKE protocols in these models by showing that they become insecure when the adversary is able to manipulate the randomness. On the positive side, we propose simple but generic methods to make AKE protocols secure in Reset-1 and Reset-2 models. The methods work in a modular way: first, we strengthen a widely used AKE protocol to achieve Reset-2 security, then we show how to transform any Reset-2 secure AKE protocol to a new one which also satisfies Reset-1 security.

show abstract

“…Their exact position is not known and potentially it can vary in time. Random values can be easily extracted by a standard XOR decimator [10], [11]. In the proposed design the decimator produces one output bit per K D input values q (nT CLK ) (one period T Q ).…”

Section: Basic Principle Of Randomness Extractionmentioning

confidence: 99%

“…Signal x (nT Q ) generally does not fulfill this requirement. One common way to reduce statistical bias is to use a XOR corrector [10], [11]. The simplest XOR corrector takes non-overlapped pairs of bits 5 from the input stream and XORs them to produce an output stream with the half bit-rate of the input stream.…”

Section: Trng Realizationmentioning

confidence: 99%

True Random Number Generator Embedded in Reconfigurable Hardware

Fischer

Drutarovský

2003

Lecture Notes in Computer Science

136

105

View full text Add to dashboard Cite

Abstract. This paper presents a new True Random Number Generator (TRNG) based on an analog Phase-Locked Loop (PLL) implemented in a digital Altera Field Programmable Logic Device (FPLD). Starting with an analysis of the one available on chip source of randomness -the PLL synthesized low jitter clock signal, a new simple and reliable method of true randomness extraction is proposed. Basic assumptions about statistical properties of jitter signal are confirmed by testing of mean value of the TRNG output signal. The quality of generated true random numbers is confirmed by passing standard NIST statistical tests. The described TRNG is tailored for embedded System-On-a-ProgrammableChip (SOPC) cryptographic applications and can provide a good quality true random bit-stream with throughput of several tens of kilobits per second. The possibility of including the proposed TRNG into a SOPC design significantly increases the system security of embedded cryptographic hardware.

show abstract

Randomness Recommendations for Security

Cited by 125 publications

References 0 publications

Mobility Support in IPv6

Mobility Support in IPv6

Authenticated Key Exchange under Bad Randomness

True Random Number Generator Embedded in Reconfigurable Hardware

Contact Info

Product

Resources

About