Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site utcsri.UUCP
Path: utzoo!utcsri!outer
From: outer@utcsri.UUCP (Richard Outerbridge)
Newsgroups: net.crypt
Subject: Why no hardware random numbers?
Message-ID: <868@utcsri.UUCP>
Date: Mon, 11-Mar-85 23:35:39 EST
Article-I.D.: utcsri.868
Posted: Mon Mar 11 23:35:39 1985
Date-Received: Tue, 12-Mar-85 00:00:53 EST
Distribution: net
Organization: CSRI, University of Toronto
Lines: 22

Looking over the various schemes proposed for key generation and management it seems that one of the basic, really fundamental, requirements is a source of truly random numbers. All the master keys these schemes use are assumed to be truly random (generated off-line using die or lima beans, whatever) and much of the subsequent effort is devoted to constructing pseudo-random shadows of these original truly-random seeds.

I also seem to recall that one of the specifications that Alan Turing made for the ACE computer way back when is that it include a hardware device capable of generating truly random numbers. Such a facility would doubtless be useful in other areas besides cryptography. Davies & Price advise that hardware random number generation is indeed practicable, albeit fraught with as many statistical pratfalls as ordinary pseudo-random number generation. It can't be that hard though.

So, why do so few supposedly modern computers include a hardware random number generator? I mean really, every decent library includes at least one flawed-in-one-way-or-another pseudo-random generator so it's not as though it's an esoteric application. Why no hardware random numbers?

--
Richard Outerbridge (416) 961-4757
Payload Deliveries: N 41 39'36", W 79 23'42", Elev. 106.47m.