In 1951, John von Neumann wrote:
Any one who considers arithmetical methods of producing random digits
is, of course, in a state of sin.
That may or may not be an overstatement.
IMHO it all depends on what is meant by random. The only notion
of randomness that I have found worthwhile is the
SHA-1(1), SHA-1(2), SHA-1(3), ... SHA-1(N) will look random, but clearly is
not.
Just by curiosity, I ran the Diehard tests on /dev/random (FreeBSD
7.0) and a sha1 sequence of [ 1 ... N ]. Both random files are 63 Mb.
I know that there has been some controversy about /dev/random of
FreeBSD on
Ben wrote:
But just how GREAT is that, really? Well, we don'
t know. Why? Because there isn't actually a way test for randomness. Your
DNS resolver could be using some easily predicted random number generator
like, say, a linear congruential one, as is common in the rand() library
Dirk-Willem van Gulik wrote:
I fail to see how you could evaluate this without seeing the code (and
even then - I doubt that one can properly do this -- the ?old? NSA habit
of tweaking your random generated rather than your protocol/algorithm
when they wanted your produced upgraded to export
Hi,
I would suggest to use http://www.cacert.at/random/ to test the
randomness of the DNS source ports. Due to the large variety of
random-number sources that have been tested there already, it's useful
as a classification service of unknown randomly looking numbers.
You just have to collect
I've changed the subject. Some of my own rants are about mathematical
cryptographers that are looking for the perfect solution, instead of
practical security solution. Always think about the threat first!
In this threat environment, the attacker is unlikely to have perfect
knowledge of the