[1886] in cryptography@c2.net mail archive
RNG redux
daemon@ATHENA.MIT.EDU (Zooko Journeyman)
Tue Nov 25 01:38:00 1997
Date: Tue, 25 Nov 1997 00:27:14 +0100 (MET)
From: Zooko Journeyman <zooko@xs4all.nl>
To: cryptography@c2.net

One more thing: I really liked what Bill Stewart had to say:

> Well, as a cryptographer, I'd ask "what's your threat model?".
> Are you looking for badly skewed data,
> or subtle but patterned data that could be abused,
> or patterns that will disrupt your Monte Carlo simulation accuracy,
> or ways to detect a trapdoor hidden in an algorithm,
> or ways to detect a trapdoor hidden in a string of random numbers?
> The former's pretty easy to catch, the latter's probably impossible,
> and the fourth one requires careful analysis.

I was looking for subtle non-randomness that could be abused.
I'm glad that resources such as those I just summarized exist.
There is really no excuse for sloppy or non-existent randomness
testing.

Regards,
Zooko
Software engineer for hire. Have computer, will travel.
http://www.xs4all.nl/~zooko/resume.html