ABSTRACT

Random numbers sit at the heart of almost all cryptographic and security protocols. For example, they are needed to produce random keys for symmetric encryption, large primes for asymmetric encryption, and initialization vectors for block encryption. For a system to function securely, there needs to be some method of producing, and obtaining, random numbers quickly. Numbers that aren’t quite “random” enough can lead to the system being attacked: if the adversary has enough information to predict at least part of the next number, he or she can use that information against the system. This was the subject of a famous attack against an SSL implementation in an early version of the Netscape web browser.