Re: Proposal for New Section 11.1 PRNG

To: Chris Lonvick <clonvick%cisco.com@localhost>
Subject: Re: Proposal for New Section 11.1 PRNG
From: Russ Housley <housley%vigilsec.com@localhost>
Date: Thu, 15 May 2003 17:02:26 -0400

Chris:

   ... and, furthermore, the PRNG should be seeded with
   some truly random inputs, or as random as can be available.  RFC 1750
   [1750] contains more discussion on this and suggestions for
   randomness.  Implementors should note well the importance of truly
   random values where needed in this document.  They should also heed
   the well-meant, anecdotal warning that implementing PRNG functions are
   difficult to get right.

I think that the term "truly random" ought to be avoided. In thesubsequent paragraph. the term "entropy" is used. I think that is a betterway to go. I propose:


   ... and, furthermore, entropy needs to be added to the PRNG.
   RFC 1750 [1750] offers suggestions for sources of entropy.
   Implementors should note the importance of entropy and the
   well-meant, anecdotal warning about the difficulty in
   properly implementing PRNG functions.

Russ

Follow-Ups:
- Nmap and SSH in "The Matrix: Reloaded"
  - From: Chris Lonvick
- 2nd version - Proposal for New Section 11.1 PRNG
  - From: Chris Lonvick

References:
- 2nd Version was: New Proposal for Section 11.3.3 X11 Forwarding
  - From: Chris Lonvick
- Proposal for New Section 11.1 PRNG
  - From: Chris Lonvick

Prev by Date: Proposal for New Section 11.1 PRNG
Next by Date: Re: New Proposal for Section 11.1.4 Man-in-the-middle
Previous by Thread: Proposal for New Section 11.1 PRNG
Next by Thread: 2nd version - Proposal for New Section 11.1 PRNG
Indexes:

Home | Main Index | Thread Index | Old Index