Timothy C. May says:

> I don't think generating random numbers is all that much of a
> priority. The Blum-Blum-Shub C code is available, and I defy anyone to
> break _that_ PRNG!

It's partially a question of speed. Many applications, like one time pads, are just too slow to generate random strings for given normal techniques. It's partially a question of automation -- I'd like to be able to generate public/private key pairs on a regular basis and it's hard to do given all the goddamn typing. It's partially a question of abstract hacker satisfaction -- one would like to know that one's numbers are RANDOM.

That isn't a matter of ``abstract hacker satisfaction''. That's a very strong security requirement: how do you *know* that your keys are random?

Tim May suggested using Blum-Blum-Shub. Fine -- but how are you going to seed it? That's why I want real random numbers -- as a seed to Blum-Blum-Shub or quintuple IDEA or MD5 composed with SHS' or whatever. I probably wouldn't use the random numbers in raw form, though -- and no one else does, either; the real random number generators I've seen all incorporate some sort of scrambling function.
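Added example, not part of the original message or of the Blum-Blum-Shub C code it mentions: a toy generator showing why the seeding question decides the outcome, since a seed taken from a small space (here a clock timestamp, an assumed bad practice) is found by plain enumeration however strong the generator is. The modulus, function names and timestamps are constructed for illustration, and Python's `secrets` module stands in for a hardware random source.

```python
import math
import secrets

# Constructed toy modulus: two Mersenne primes, both congruent to 3 mod 4 as
# BBS requires. Real use needs a large modulus whose factors are random and secret.
P, Q = 2**89 - 1, 2**107 - 1
N = P * Q

def bbs_bits(seed, nbits):
    """Return nbits of Blum-Blum-Shub output for an integer seed."""
    if seed % N in (0, 1) or math.gcd(seed, N) != 1:
        raise ValueError("seed must be coprime to N and not 0 or 1")
    x = pow(seed, 2, N)            # x0 = seed^2 mod N
    bits = []
    for _ in range(nbits):
        x = pow(x, 2, N)           # x_{i+1} = x_i^2 mod N
        bits.append(x & 1)         # emit the least significant bit
    return bits

def seed_from_os():
    """Seed from the OS entropy pool (stand-in for a hardware random source)."""
    while True:
        s = secrets.randbits(N.bit_length() + 64) % N
        if s > 1 and math.gcd(s, N) == 1:
            return s

def find_clock_seed(observed, t_lo, t_hi):
    """Audit: return the timestamp in [t_lo, t_hi) that reproduces observed."""
    for t in range(t_lo, t_hi):
        if bbs_bits(t, len(observed)) == observed:
            return t
    return None

if __name__ == "__main__":
    t = 736_001_234                          # constructed timestamp used as seed
    stream = bbs_bits(t, 64)
    # One hour of candidate seeds is only 3600 trials.
    print("clock seed found:", find_clock_seed(stream, 736_000_000, 736_003_600))
    # A seed from the OS pool is drawn from roughly N possible values instead.
    print("OS-seeded bits:", bbs_bits(seed_from_os(), 16))
```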