Computer-generated
Random numbers form an essential part of modern
cryptography. Unfortunately it is extremely difficult to generate a true random number sequence with a computer. Many
algorithms exist that will generate
pseudo-random sequences of numbers based on an initial
seed value. The
period of the resulting sequence of numbers may well be in the order of 2
128. This is not good enough for strong
cryptography.
For a random number sequence to be secure in a cryptographic sense, it must satisfy the following conditions:
- It must look random. This is tough to quantify, obviously a sequence like 12,24,48,96 is not particularly random.
- Given knowledge of the algorithm used to generate the sequence and all previous values it must be impossible to predict the next value in the sequence.
If the random numbers used in an encryption algorithm are known it becomes significantly easier to defeat the encryption scheme. For example it may be possible to obtain encryption keys simply with knowledge of the algorithm used to generate them, and the random number used to generate the previous key.
For further information read: Applied Cryptography.