[13997] in cryptography@c2.net mail archive
Re: PRNG design document?
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Tue Sep 2 16:01:03 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: <cryptography@metzdowd.com>, "Tim Dierks" <tim@dierks.org>
Date: Tue, 2 Sep 2003 15:51:47 -0400
> Allow me to clarify my problem a little. I'm commonly engaged to review
> source code for a security audit, some such programs include a random
> number generator, many of which are of ad-hoc design. The nature of such
> audits is that it's much more appealing to be able to say "here are three
> accepted guidelines that your generator violates" rather than "I haven't
> seen that before and I don't like it, you should replace it with something
> else".
Here are two references that might also be helpful:
http://www.cryptography.com/resources/whitepapers/VIA_rng.pdf
http://www.cryptography.com/resources/whitepapers/IntelRNG.pdf
These are reports on the analysis of two RNGs, I found them well written.
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
