Electronic communication of information has become commonplace. Today, information, including sensitive information, regarding individuals, businesses, and other entities, can be communicated electronically between devices. For example, computers, cellular phones, smart cards, and other electronic devices can be utilized to electronically communicate information between users. Further, devices, like smart cards, can be utilized to provide a digital signature or other authentication information that can reasonably identify the user of the smart card and can provide certain information regarding the user and/or can enable the user to sign electronic documents (e.g., legal documents) in a secure manner.
With regard to the electronic communication of sensitive information, encryption/decryption techniques can be utilized to protect such information from being accessed by undesired persons (e.g., attackers, hackers). For example, public key encryption can be utilized to secure information electronically communicated between devices. For example, when sending a message, an entity can utilize a public key, which can be published and made available to users, to encrypt the message data. The encrypted message can be sent to a recipient, who can utilize a private key, which can be known to the recipient but not others, so that the encrypted message data can be decrypted and the message can be perceived in a usable form. To facilitate data security, random numbers can be generated and/or employed to work in conjunction with cryptographic algorithms to facilitate randomization of the cryptographic process. Further, random numbers can be utilized to facilitate identifying a device and/or a user of the device.
One type of random number generator is a pseudo random number generator, which can generate random-looking numbers based on an algorithm, for example. Data secured using numbers generated by a pseudo random number generator can be susceptible to attack as an attacker can potentially learn the algorithm used to generate the random-looking numbers, for example, by observing a pattern of number generation associated with the algorithm, and can thereby discover the data secured using such random-looking numbers.
True random number generators can generate random numbers, for example, based on a physical phenomena, such as thermal noise. True random number generators can be preferred over pseudo random number generators because a true random number generator can generate a truly random number, as opposed to pseudo random number generators that generate numbers that appear to be random. However, with portable electronic devices, generating random numbers based on, for example, thermal noise can be problematic and/or can subject data to attack, as an attacker can attempt to influence the generation of random numbers by controlling the thermal conditions associated with the electronic device.
It is desirable to maintain the security of information communicated electronically from attack. It is also desirable to be able to provide a unique identification associated with an electronic device and/or user, where the unique identification can be related to a random number. Further, it is desirable that such random number generation be manageable on electronic devices, including portable electronic devices (e.g., cellular phones, smart cards), such that there is a low risk of attack.