Abstract
Although much thought usually goes into the design of encryption
algorithms and protocols, less consideration is often given to
equally important issues such as the selection of cryptographically
strong random numbers, with the result that an attacker may find it
easier to break the random number generator than the security system
it is used with. This paper provides a comprehensive guide to designing
and implementing a practically strong random data accumulator and
generator which requires no specialised hardware or access to
privileged system services. The performance of the generator on
a variety of systems is analysed, and measures which can make
recovery of the accumulator/generator state information more
difficult for an attacker are presented. The result is an easy-to-use
random number generator which should be suitable even for
demanding cryptographic applications.