How does one find random numbers for keys ?



How does one find random numbers for keys ?..

Answer / ramkumar

Whether using a secret-key cryptosystem or a public-key
cryptosystem, one needs a good source of random numbers for
key generation. The main features of a good source are that
it produces numbers that are unknown and unpredictable by
potential adversaries. Random numbers obtained from a
physical process are in principle the best, since many
physical processes appear truly random. One could use a
hardware device, such as a noisy diode; some are sold
commercially on computer add-in boards for this purpose.
Another idea is to use physical movements of the computer
user, such as inter-key stroke timings measured in
microseconds. Techniques using the spinning of disks to
generate random data are not truly random, as the movement
of the disk platter cannot be considered truly random. A
negligible-cost alternative is available; Davis et al.
designed a random number generator based on the variation
of a disk drive motor's speed [DIP94]. This variation is
caused by air turbulence, which has been shown to be
unpredictable. By whichever method they are generated, the
random numbers may still contain some correlation, thus
preventing sufficient statistical randomness. Therefore, it
is best to run them through a good hash function (see
Question 2.1.6) before actually using them [ECS94].

Another approach is to use a pseudo-random number generator
fed by a random seed. The primary difference between random
and pseudo-random numbers is that pseudo-random numbers are
necessarily periodic whereas truly random numbers are not.
Since pseudo-random number generators are deterministic
algorithms, it is important to find one that is
cryptographically secure and also to use a good random
seed; the generator effectively acts as an "expander" from
the seed to a larger amount of pseudo-random data. The seed
must be sufficiently variable to deter attacks based on
trying all possible seeds.

It is not sufficient for a pseudo-random number generator
just to pass a variety of statistical tests, as described
in Knuth [Knu81] and elsewhere, because the output of such
generators may still be predictable. Rather, it must be
computationally infeasible for an attacker to determine any
bit of the output sequence, even if all the others are
known, with probability better than 1/2. Blum and Micali's
generator based on the discrete logarithm problem [BM84]
satisfies this stronger definition, assuming that computing
discrete logarithm is difficult (see Question 2.3.7). Other
generators perhaps based on DES (see Section 3.2) or a hash
function (see Question 2.1.6) can also be considered to
satisfy this definition, under reasonable assumptions.

A summary of methods for generating random numbers in
software can be found in [Mat96].

Note that one does not need random numbers to determine the
public and private exponents in RSA. After generating the
primes, and hence the modulus (see Question 3.1.1), one can
simply choose an arbitrary value (subject to the standard
constraints) for the public exponent, which then determines
the private exponent.

Is This Answer Correct ?    0 Yes 0 No

Post New Answer

More Encryption Decryption Interview Questions

What is the difference between a message authentication code (MAC) and a one-way hash?

0 Answers  


What are the disadvantages of public-key cryptography compared with secret-key cryptography?

0 Answers  


What is the elgamal cryptosystem?

0 Answers  


How is an s-box value of AES can be modified? How is it done?

0 Answers  


What is an algorithm?

0 Answers  






What is the difference between hardware and software encryption?

1 Answers  


What is a zed encoder? How does it work?

0 Answers  


What is luc?

0 Answers  


Do digital signatures help detect altered documents and transmission errors?

0 Answers  


What is the rabin signature scheme?

0 Answers  


what are some of the current encryption schemes?

0 Answers  


What is cryptographic synchronisation?

0 Answers  


Categories
  • Cryptography Algorithms Interview Questions Cryptography Algorithms (52)
  • Digital Certificates Interview Questions Digital Certificates (23)
  • Encryption Decryption Interview Questions Encryption Decryption (77)
  • Ciphers Interview Questions Ciphers (43)
  • Cryptography Protocols Interview Questions Cryptography Protocols (31)
  • Blockchain Interview Questions Blockchain (338)
  • Cryptography General Interview Questions Cryptography General (154)
  • Cryptography AllOther Interview Questions Cryptography AllOther (0)