Randomness Recommendations for Security, December 1994
- Canonical URL:
- File formats:
- Obsoleted by:
- RFC 4086
- D. Eastlake 3rd
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
Choosing random quantities to foil a resourceful and motivated adversary is surprisingly difficult. This paper points out many pitfalls in using traditional pseudo-random number generation techniques for choosing such quantities. It recommends the use of truly random hardware techniques and shows that the existing hardware on many systems can be used for this purpose. This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.