Current methods for generating random numbers based on various sources of entropy and their attack techniques.
Random numbers form the basis, or root, of most security systems. Yet the methods for generating random numbers vary widely in practice as well as efficacy. Over time, many popular randomization algorithms and circuit implementations have been shown to be provably flawed. The paper will examine current methods for generating random numbers based on various sources of entropy as well as their associated attack techniques, including physical, statistical, and electronic methods. This is followed by newer methods of generating less vulnerable (more truly random) numbers, and of doing so with standard digital electronic circuits and/or software. Finally, the verifiability of purported randomness is examined in order to avoid falling into the trap of providing the appearance of randomness without the actual benefits.
To read more, click here.