21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

It would be nice if you did not have to collect entropy every time a program starts up<br />

or the machine reboots. You should need to get entropy only once per application,<br />

then be able to store that entropy until the next time you need it.<br />

If you have sufficient trust in the local filesystem, you can certainly do this by writing<br />

out a seed to a file, which you can later use to initialize the generator when it<br />

starts back up. Of course, you need to make sure that there are no possible security<br />

issues in file access. In particular, the location you use for saving seed files needs to<br />

be a secure location (see Recipe 2.4 for more on how to ensure this programmatically).<br />

In addition, you should be sure not to store a seed on a potentially untrusted<br />

filesystem, such as an NFS mount, and you should probably use advisory file locking<br />

in an attempt to defeat any accidental race conditions on the seed file.<br />

You should also consider the threat of an insider with physical access to the machine<br />

compromising the seed file. For that reason, you should always strive to add new<br />

entropy to a generator after every startup as soon as enough bits can be collected.<br />

Using a seed file should be considered a stopgap measure to prevent stalling on startup.<br />

See Also<br />

Recipes 2.4, 11.6, 11.20, 11.21<br />

11.18 Statistically Testing Random Numbers<br />

<strong>Problem</strong><br />

You are using a hardware random number generator or some other entropy source<br />

that hasn’t been cryptographically postprocessed, and you would like to determine<br />

whether it ever stops producing quality data. Alternatively, you want to have your<br />

generator be FIPS 140 compliant (perhaps for FIPS certification purposes).<br />

Solution<br />

FIPS 140-2 tests, which are ongoing throughout the life of the generator, are necessary<br />

for FIPS 140 compliance. For actual statistical tests of data produced by a<br />

source, the full set of tests provided by FIPS 140-1 are much more useful, even<br />

though they are now irrelevant to the FIPS certification process.<br />

Statistically Testing Random Numbers | 615<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!