Secure random number cryptography software
The rand() or Rnd() functions provided with programming languages like Visual Basic, C and Perl are not secure from a cryptographic point of view.
For more details and examples see Software Generation of Practically Strong Random Numbers by Peter Gutmann.
Many procedures use a random session key to encrypt the body of the message. If this key is ever compromised - because the random numbers are predictable or can be manipulated before being generated - an opponent who has had access to your encrypted messages can decipher them at his leisure.
Do not use the standard Rnd() or rand() to generate your random session keys!
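
The contrast described above, as an added example that is not code from CryptoSys or from the original page: a session key built from rand() is fully determined by its seed, while a key read from the operating system's generator is not. The function names are hypothetical, and the hardened path assumes a POSIX system that provides /dev/urandom; it does not implement the NIST SP 800-90 generator mentioned below.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEY_LEN 16 /* 128-bit session key */

/* WEAK: every key byte comes from rand(), so the whole key is a pure
 * function of the seed (commonly the clock). Same seed, same key. */
void weak_session_key(unsigned int seed, unsigned char key[KEY_LEN]) {
    srand(seed);
    for (int i = 0; i < KEY_LEN; i++)
        key[i] = (unsigned char)(rand() & 0xFF);
}

/* Returns 1 if two keys derived from the same seed are identical. */
int weak_key_is_reproducible(unsigned int seed) {
    unsigned char a[KEY_LEN], b[KEY_LEN];
    weak_session_key(seed, a);
    weak_session_key(seed, b);
    return memcmp(a, b, KEY_LEN) == 0;
}

/* HARDENED: take the key from the OS CSPRNG and fail closed.
 * Returns 0 on success, -1 if KEY_LEN bytes could not be read. */
int secure_session_key(unsigned char key[KEY_LEN]) {
    FILE *f = fopen("/dev/urandom", "rb"); /* assumption: POSIX host */
    if (f == NULL) return -1;
    size_t n = fread(key, 1, KEY_LEN, f);
    fclose(f);
    if (n != KEY_LEN) {
        memset(key, 0, KEY_LEN); /* never hand back a partial key */
        return -1;
    }
    return 0;
}

/* Returns 1 if two successive CSPRNG keys were produced and differ. */
int secure_keys_differ(void) {
    unsigned char a[KEY_LEN], b[KEY_LEN];
    if (secure_session_key(a) != 0 || secure_session_key(b) != 0)
        return 0;
    return memcmp(a, b, KEY_LEN) != 0;
}

int main(void) {
    printf("rand() key reproducible: %d\n", weak_key_is_reproducible(1190000000u));
    printf("CSPRNG keys differ: %d\n", secure_keys_differ());
    return 0;
}
```

The seed passed in main() is a constructed sample value. Callers of secure_session_key() must check the return code and refuse to encrypt when it is -1.
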
As of September 2007, the random number generators (RNG) in CryptoSys API, the CryptoSys PKI Toolkit, and CryptoSys KeyExchange use the techniques from NIST SP 800-90 Recommendation for Random Number Generation Using Deterministic Random Bit Generators (pdf, 535 kB). This is now an Approved random number generator applicable to FIPS PUB 140-2 as per Annex C: Approved Random Number Generators for FIPS PUB 140-2, Security Requirements for Cryptographic Modules (pdf, 129 kB) January 24, 2007. We also include the tests required to conform to FIPS PUB 140-2 Security Requirements for Cryptographic Modules (pdf, 1.4 MB).
The algorithm used for our RNGs has been published for peer review and comment.
Copyright © 2002-7 D.I. Management Services Pty Limited ABN 78 083 210 584,
Sydney, Australia. All rights reserved.
<www.di-mgt.com.au>
<www.cryptosys.net>