Member-only story
RSA and Random Bitstream Generators
At the core of our online security is randomness. Within this, we provide want to reveal none of the original data. A hash method will look like random bits, and where a single change in one of the input bits, will cause a change in around half of the outputs. But we need to generate encryption keys, and to keep these secure, we need them to be as near random as possible. While pseudorandom number generators are good, they are not as good as true random sources. But it must be said, that there are no random sources that have actually been proven to be truly random.
The usage of random numbers can cause many problems, as developers often just link to standard libraries which do not quite generate a proper random number, or which repeat in every time they are called.
True or pseudo?
Within cryptography, random numbers are used to generate things like encryption keys. If the generation of these keys could be predicted in some way, it may be possible to guess them. The two main types of random number generators are:
- Pseudo-Random Number Generators (PRNGs). This method repeats the random numbers after a given time (periodic). They are fast and are also deterministic, and are useful in producing a repeatable set of random numbers.
- True Random Number Generators (TRNGs). This…
