Need Suggestions for Random Numbers

Perry E. Metzger pmetzger at lehman.com
Wed Oct 6 06:19:15 PDT 1993



Matthew J Ghio says:
> What PRNGs would you suggest using?

Don't use PRNGs for one time pads. To quote Don Knuth, anyone using
software methods to generate random numbers "is living in a state of
sin."

One time pads require REAL random numbers. If you are willing to, say,
use DES to generate your random numbers, you might as well encrypt
with DES instead of pretending that you have random numbers.

If you want a one time pad, do the logical thing -- go out and buy or
build a hardware random number generator. Don't pretend that if you
only make things "complicated enough" your numbers will be effectively
random, because they won't. See Knuth's huge section on random numbers
in "The Art of Computer Programming" for a demonstration of how a
really obscenely complex algorithm can yield bad numbers.

Perry







More information about the cypherpunks-legacy mailing list