Randomnumbersgenerators can also be obtained from macroscopic phenomena, such as cards, dice, and the roulette wheel.
If one has a pseudo-random numbergenerator whose output is "sufficiently difficult" to predict for an unknown seed (such as a stream cipher), one can generate true randomnumbers to fill the seed and then use the pseudo-random numbers in cryptographic applications.
Another method for improving a near random bit stream is to exclusive-or the bit stream with the output of a high-quality cryptographically secure pseudo-random numbergenerator such as Blum Blum Shub or a good stream cipher.
However, if entropy is added incrementally, the attacker may be able to deduce the values of the random bits that were added and obtain the new internal state of the randomnumbergenerator (a state compromise extension attack).
Subverted randomnumbers can be created using a cryptographically secure pseudo-random numbergenerator with a seed value known to the attacker but concealed in the software.
The most sophisticated hardware randomnumbergenerator can be subverted placing such a chip anywhere upstream of where the source of randomness is digitized, say in an output driver chip or even in the cable connecting the RNG to the computer.
PGP Attacks(Site not responding. Last check: 2007-11-05)
The attack is a passive one where the attacker sits on a network and observes the RSA operations.
While the attack is definitely something to be wary of, it is theoretical in nature, and has not been done in practice as of yet.
This attack, however exotic it may seem, is not beyond the capability of anyone with some technical know-how and the desire to read PGP encrypted files.
If these 56 bit keys are derived by using a fixed pseudo-random numbergenerator that is seeded with an 8 bit seed, then an adversary needs to search through only 256 keys (by running the pseudo-random numbergenerator with every possible seed), not the 2^56 keys that may at first appear to be the case.
Even if the random bits are generated as slowly as one per second and it is not possible to overlap the generation process, it should be tolerable in high security applications to wait 200 seconds occasionally.
This amount of randomness is beyond the limit of that in the inputs recommended by the US DoD for password generation and could require user typing timing, hardware randomnumbergeneration, or other sources.
www.ietf.org /rfc/rfc1750.txt (9137 words)
Base 6 Dice Company(Site not responding. Last check: 2007-11-05)
are unique dice for casting authentic random numbers—those numbers tending to occur with the same relative frequency in which knowledge of one number (or an arbitrarily long sequence of numbers) is of no use in predicting the next number.
Rooted in number theory, a set of four base 6 dice is a compact randomnumbergenerator with applications in mathematics, education, and games.
indistinguishable from authentic randomnumbers, pseudo-random numbers cannot by definition be random.
The total number of packets that needs to be sent is then given by the range to be covered divided by the fraction of the window size that is used as an increment.
For the purpose of ISN generators comparison, we established a limit of guess set size at the level of 5,000 elements, which is considered a limit for trivial attacks that does not require excessive network bandwidth or processing power and can be conducted within few seconds.
Since the sequence number for TCP sessions is stored in packet headers using 32-bits of data, it was generally assumed that an attacker would have a very small chance of correctly guessing a sequence number to attack established (or to-be established) connections.
High-Entropy Symbol Generator(Site not responding. Last check: 2007-11-05)
Although there exist garden-variety “RandomNumberGenerators”; that are suitable for garden-variety applications, they fail miserably in adversarial applications such as high-stakes gaming or cryptography, for reasons discussed in section 9.1.
The symbols it generates are random in the strictest sense.
To repeat: One difference between a genuinely entropic randomnessgenerator and a pseudo-randomness generator is that for the latter you have to worry about where you get the initial seed, how you recover the seed after a crash/restart, and how you protect the seed for all time, including protecting your backup tapes.
An authentication system in which one player generates a randomnumber, encrypts it and sends the result as a challenge.
An active attack in which the attacker impersonates each of the legitimate players in a protocol to the other.
An attack in which the attacker only eavesdrops and attempts to analyse intercepted messages, as opposed to an active attack in which he diverts messages or generates his own.
The Code Project - PRNG (Pseudo Random Number Generator) - Free Tools(Site not responding. Last check: 2007-11-05)
VB's, and hence VBScript's, is a table consisting of 16,777,215 randomnumbers (this is, coincidentally, one of those magic numbers).
Randomnumbers are fundamental to the use of cryptographic mechanisms.
The primary uses of randomnumbers are for key generation and to ensure message uniqueness, which protects against various replay attacks (since many randomnumbers are not so random as they appear, the chances of figuring out the keys are much better than the odds let you believe).
There are lots of randomnumbergenerators out there.
I've written some tests for randomnumbergenerators, which can be used to test ISAAC, RC4, ax+b mod p, or any randomnumbergenerator you feel like writing.
If you find successful attacks or biases in smaller versions of ISAAC, I'll include them in isaac.html, even though there are no prizes for them.
