| |
|
|
||||
| |
|
|
|
|
|
|
Random data is useful in several areas of encryption. Generation of salt values, initializing vectors, encryption keys and many others call for random numbers. The problem is, computers can't generate anything random by themselves. In fact, generating numbers that are truly random outside of computers is extremely difficult. Even the line of defining what is good random data verses not is hard to draw. For the purposes of this article, we simply say good random data that which has these characteristics. Given any part of a the random data, it should not be possible to predict what data will or may come next; nor what data may have come before. The method in which the numbers were generated should be impossible to guess from the data alone. And lastly, the data generated should have fairly uniform bit distribution-- close to ratio of 50/50 for 1 or 0. Some applications require stronger sources of random data than others. By "stronger" we mean, less chances of patterns occurring and near impossibility of ever recreating a matching stream of random data. Systems such as asemantic encryption, where large prime numbers are generated at random or random key generation require sources of good random data that are not possible to reconstruct. If someone can recreate the random data used for such things, they could reconstruct encryption keys or secret key and circumvent the entire encryption system. In file encryption, such as that done in the Cypher system, secure random data isn't nearly as vital. However, it is still important to have good random data. For example, if the random number generator produces identical salt values, an attacker would know that if the same pass phrase was used on both files, the encryption streams used to encrypt each file were the same. This is a bad thing, since if they know any plaintext from one file, they can recover plaintext from the other. So it is important that the random number generator never create repeat streams of data. The random data system we will discus will cover the following topics:
|