Cryptographically Secure Pseudorandom Number Generator
A cryptographically secure pseudo-random number generator (CSPRNG) is a pseudo-random number generator (PRNG) with properties that make it suitable for use in cryptography.
Many aspects of cryptography require random numbers, for example:
- Key generation
- Nonces
- One-time pads
- Salts in certain signature schemes, including ECDSA, RSASSA-PSS.
The "quality" of the randomness required for these applications varies. For example creating a nonce in some protocols needs only uniqueness. On the other hand, generation of a master key requires a higher quality, such as more entropy. And in the case of one-time pads, the information-theoretic guarantee of perfect secrecy only holds if the key material is obtained from a true random source with high entropy.
Ideally, the generation of random numbers in CSPRNGs uses entropy obtained from a high quality source, which might be a hardware random number generator or perhaps unpredictable system processes — though unexpected correlations have been found in several such ostensibly independent processes. From an information theoretic point of view, the amount of randomness, the entropy that can be generated is equal to the entropy provided by the system. But sometimes, in practical situations, more random numbers are needed than there is entropy available. Also the processes to extract randomness from a running system are slow in actual practice. In such instances, a CSPRNG can sometimes be used. A CSPRNG can "stretch" the available entropy over more bits.
Read more about Cryptographically Secure Pseudorandom Number Generator: Requirements, Some Background, Designs, Standards
Famous quotes containing the words secure, number and/or generator:
“There is not to be found, in all history, any miracle attested by a sufficient number of men, of such unquestioned good sense, education, and learning, as to secure us against all delusion in themselves ... beyond all suspicion of any design to deceive others ... and at the same time attesting facts, performed in such a public manner, and in so celebrated a part of the world, as to render the detection unavoidable.”
—David Hume (1711–1776)
“I think, for the rest of my life, I shall refrain from looking up things. It is the most ravenous time-snatcher I know. You pull one book from the shelf, which carries a hint or a reference that sends you posthaste to another book, and that to successive others. It is incredible, the number of books you hopefully open and disappointedly close, only to take down another with the same result.”
—Carolyn Wells (1862–1942)
“He admired the terrible recreative power of his memory. It was only with the weakening of this generator whose fecundity diminishes with age that he could hope for his torture to be appeased. But it appeared that the power to make him suffer of one of Odette’s statements seemed exhausted, then one of these statements on which Swann’s spirit had until then not dwelled, an almost new word relayed the others and struck him with new vigor.”
—Marcel Proust (1871–1922)