RFC 8937

Randomness Improvements for Security Protocols, October 2020

Status: INFORMATIONAL
Authors: C. Cremers, L. Garratt, S. Smyshlyaev, N. Sullivan, C. Wood
Stream: IRTF


DOI:  https://doi.org/10.17487/RFC8937

Discuss this RFC: Send questions or comments to the mailing list cfrg@irtf.org



Abstract

Randomness is a crucial ingredient for Transport Layer Security (TLS) and related security protocols. Weak or predictable "cryptographically secure" pseudorandom number generators (CSPRNGs) can be abused or exploited for malicious purposes. An initial entropy source that seeds a CSPRNG might be weak or broken as well, which can also lead to critical and systemic security problems. This document describes a way for security protocol implementations to augment their CSPRNGs using long-term private keys. This improves the quality of randomness obtained from broken or otherwise subverted CSPRNGs.

This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.
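The abstract above only names the idea; the construction the RFC specifies (Section 3) is G'(n) = HKDF-Expand(HKDF-Extract(G(L), Sig(sk, tag1)), tag2, n), where G is the existing CSPRNG, L is the output length of the HKDF hash, sk is the long-term private key, tag1 is a fixed context string and tag2 is a string that changes on every call. The following Go program is an added example written for this page, not code from the RFC or its authors. It assumes HMAC-SHA256 for HKDF, Ed25519 for Sig (its signatures are deterministic, so the signature over tag1 is computed once and kept), and a counter behind a fixed prefix as the dynamic tag2; the tag strings, the BrokenRNG type and the Bytes helper are the example's own choices.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"io"
)

// hkdfExtract is HKDF-Extract(salt, IKM) from RFC 5869 with HMAC-SHA256.
func hkdfExtract(salt, ikm []byte) []byte {
	m := hmac.New(sha256.New, salt)
	m.Write(ikm)
	return m.Sum(nil)
}

// hkdfExpand is HKDF-Expand(PRK, info, n) from RFC 5869 with HMAC-SHA256.
func hkdfExpand(prk, info []byte, n int) []byte {
	if n > 255*sha256.Size {
		panic("hkdfExpand: requested length exceeds the RFC 5869 limit")
	}
	var out, t []byte
	for i := byte(1); len(out) < n; i++ {
		m := hmac.New(sha256.New, prk)
		m.Write(t)
		m.Write(info)
		m.Write([]byte{i})
		t = m.Sum(nil)
		out = append(out, t...)
	}
	return out[:n]
}

// Wrapper is the augmented generator G' of RFC 8937, Section 3:
//
//	G'(n) = HKDF-Expand(HKDF-Extract(G(L), Sig(sk, tag1)), tag2, n)
//
// It draws L bytes from the underlying CSPRNG G, mixes them with a cached
// signature made by the long-term key, and expands under a per-call tag2.
type Wrapper struct {
	g       io.Reader
	sigTag1 []byte // Sig(sk, tag1); Ed25519 is deterministic, so sign once
	prefix  []byte // fixed prefix of tag2 (example's choice)
	counter uint64 // makes tag2 unique for every invocation
}

// NewWrapper signs the fixed context string tag1 once and keeps the result.
func NewWrapper(g io.Reader, sk ed25519.PrivateKey, tag1, tag2Prefix []byte) *Wrapper {
	return &Wrapper{g: g, sigTag1: ed25519.Sign(sk, tag1), prefix: tag2Prefix}
}

// Read fills p with len(p) bytes of G'(len(p)).
func (w *Wrapper) Read(p []byte) (int, error) {
	// L is the output length of the HKDF hash: 32 bytes for SHA-256.
	salt := make([]byte, sha256.Size)
	if _, err := io.ReadFull(w.g, salt); err != nil {
		return 0, err
	}
	// tag2 = prefix || big-endian counter; it must never repeat.
	w.counter++
	var c [8]byte
	binary.BigEndian.PutUint64(c[:], w.counter)
	tag2 := append(append([]byte{}, w.prefix...), c[:]...)
	prk := hkdfExtract(salt, w.sigTag1) // salt = G(L), IKM = Sig(sk, tag1)
	copy(p, hkdfExpand(prk, tag2, len(p)))
	return len(p), nil
}

// Bytes returns n bytes from G'; convenience for the demo and tests.
func (w *Wrapper) Bytes(n int) []byte {
	b := make([]byte, n)
	if _, err := w.Read(b); err != nil {
		panic(err)
	}
	return b
}

// BrokenRNG stands in for a subverted CSPRNG that emits only zero bytes.
type BrokenRNG struct{}

func (BrokenRNG) Read(p []byte) (int, error) {
	for i := range p {
		p[i] = 0
	}
	return len(p), nil
}

func main() {
	_, sk, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	// Even with G replaced by a constant-output generator, successive outputs
	// differ (tag2 changes) and stay unpredictable to anyone without sk.
	w := NewWrapper(BrokenRNG{}, sk, []byte("example-tag1"), []byte("example-tag2:"))
	fmt.Println(hex.EncodeToString(w.Bytes(32)))
	fmt.Println(hex.EncodeToString(w.Bytes(32)))
}
```

The wrapper does not replace G: honest output from G still enters through the salt, so a healthy CSPRNG loses nothing, while a broken one (modelled here by BrokenRNG) yields a stream an attacker cannot predict without the long-term private key. The signature value is as sensitive as the key material it is derived from and must be kept secret, and tag2 must be unique per call; a counter that is reset, for example by a fork, would reproduce earlier output when G is also stuck.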


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.
