[129311] in cryptography@c2.net mail archive
Re: On the "randomness" of DNS
daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Jul 30 17:48:30 2008
Date: Wed, 30 Jul 2008 20:06:23 +0100
From: Ben Laurie <ben@links.org>
To: Pierre-Evariste Dagand <pedagand@gmail.com>
CC: cryptography@metzdowd.com
In-Reply-To: <6cb897b30807301157q94008c1h75fea5eab0598df0@mail.gmail.com>
Pierre-Evariste Dagand wrote:
>> But just how GREAT is that, really? Well, we don'
>> t know. Why? Because there isn't actually a way test for randomness. Your
>> DNS resolver could be using some easily predicted random number generator
>> like, say, a linear congruential one, as is common in the rand() library
>> function, but DNS-OARC would still say it was GREAT. Believe them when they
>> say it isn't GREAT, though!
>
> Well, they are some tests to judge the "quality" of a random number
> generator. The best known being the Diehard tests:
>
> http://en.wikipedia.org/wiki/Diehard_tests
> http://stat.fsu.edu/pub/diehard/
>
> For sure, these tests might be an overkill here. Also, there must be
> some tests in the Art of Computer Programming too but I don't have it
> at hand right now (shame on me).
I doubt you can get a large enough sample in any reasonable time.
> I don't see the point of evaluating the quality of a random number
> generator by statistical tests.
Which is entirely my point.
> But I might be wrong, though.
>
> Regards,
>
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
