21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

It would be nice if you did not have to collect entropy every time a program starts up<br />

or the machine reboots. You should need to get entropy only once per application,<br />

then be able to store that entropy until the next time you need it.<br />

If you have sufficient trust in the local filesystem, you can certainly do this by writing<br />

out a seed to a file, which you can later use to initialize the generator when it<br />

starts back up. Of course, you need to make sure that there are no possible security<br />

issues in file access. In particular, the location you use for saving seed files needs to<br />

be a secure location (see Recipe 2.4 for more on how to ensure this programmatically).<br />

In addition, you should be sure not to store a seed on a potentially untrusted<br />

filesystem, such as an NFS mount, and you should probably use advisory file locking<br />

in an attempt to defeat any accidental race conditions on the seed file.<br />

You should also consider the threat of an insider with physical access to the machine<br />

compromising the seed file. For that reason, you should always strive to add new<br />

entropy to a generator after every startup as soon as enough bits can be collected.<br />

Using a seed file should be considered a stopgap measure to prevent stalling on startup.<br />

See Also<br />

Recipes 2.4, 11.6, 11.20, 11.21<br />

11.18 Statistically Testing Random Numbers<br />

<strong>Problem</strong><br />

You are using a hardware random number generator or some other entropy source<br />

that hasn’t been cryptographically postprocessed, and you would like to determine<br />

whether it ever stops producing quality data. Alternatively, you want to have your<br />

generator be FIPS 140 compliant (perhaps for FIPS certification purposes).<br />

Solution<br />

FIPS 140-2 tests, which are ongoing throughout the life of the generator, are necessary<br />

for FIPS 140 compliance. For actual statistical tests of data produced by a<br />

source, the full set of tests provided by FIPS 140-1 are much more useful, even<br />

though they are now irrelevant to the FIPS certification process.<br />

Statistically Testing Random Numbers | 615<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!