Re: Random numbers

Thanks for that pointer. Many operating systems have both /dev/random 
and /dev/urandom -- I suspect that we would want to expose both types of 
random numbers (i.e. an event interface that returns when there is 
sufficient entropy, and a synchronous interface for getting 
pseudo-random numbers).

I would hope that when the hardware has a good source of random numbers 
(e.g. when Intel's Bull Mountain is available), then that source would 
be used in both cases. Getting good sources of entropy is hard, and this 
is especially important when generating keying material (recall the 
issues with duplicate primes in SSL certificates from earlier this year).

Philip

On 5/15/2012 11:01 AM, Nadim wrote:
> Also, very relevant is window.crypto.getRandomValues: 
> http://wiki.whatwg.org/wiki/Crypto
>
> NK
>
> On Tuesday, 15 May, 2012 at 10:59 AM, Nadim wrote:
>
>> If we implement AES and SHA-2, we can use these as building blocks 
>> for a Fortuna RNG (spec. Bruce Schneier, Niels Ferguson.) I've 
>> already implemented Fortuna in JS and it's definitely feasible.
>>
>> NK
>>
>> On Tuesday, 15 May, 2012 at 10:52 AM, Philip Gladstone wrote:
>>
>>> I believe that the crypto API should have a method for generating 
>>> cryptographically secure random numbers. This is non-trivial to get 
>>> right, but there is hardware support in some new chips for 
>>> generating high quality random numbers. A uniform random number 
>>> interface can abstract the platform differences and provide a 
>>> uniform interface.
>>>
>>> Philip
>>> --
>>> Philip Gladstone
>>> Distinguished Engineer
>>> Product Development
>>> pgladstone@cisco.com
>>> Phone: +1 978-ZEN-TOAD (+1 978 936 8623)
>>> Google: +1 978 800 1010
>>> Ham radio: N1DQ
>>>
>>> Attachments:
>>> - smime.p7s
>>
>

-- 
Philip Gladstone
Distinguished Engineer
Product Development
pgladstone@cisco.com
Phone: +1 978-ZEN-TOAD (+1 978 936 8623)
Google: +1 978 800 1010
Ham radio: N1DQ

Received on Tuesday, 15 May 2012 15:30:14 UTC