RFC 1750

Randomness Recommendations for Security, December 1994

Canonical URL:
File formats:
Plain TextPDF
Obsoleted by:
RFC 4086
D. Eastlake 3rd
S. Crocker
J. Schiller

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC1750

Discuss this RFC: Send questions or comments to iesg@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Choosing random quantities to foil a resourceful and motivated adversary is surprisingly difficult. This paper points out many pitfalls in using traditional pseudo-random number generation techniques for choosing such quantities. It recommends the use of truly random hardware techniques and shows that the existing hardware on many systems can be used for this purpose. This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

Download PDF Reader