The present invention relates to the generation of random numbers and more particularly to the generation of random numbers in a communication system.
With the ongoing development of the Internet for both commercial transactions and communication of private information, it has become increasingly necessary to encrypt certain Internet information and also to authenticate users and transactions. Protocols employed for authentication and protection of private information typically rely on cryptographic techniques. For example, the IPSEC protocol is used to protect information transported across virtual private networks that facilitate secure private networking over the public Internet. The cryptographic techniques underlying such secure protocols require generation of random numbers to generate encryption and decryption keys that assure secure operation. The security achieved depends on generation of truly random numbers whose values cannot be predicted by those seeking to compromise security.
Generating truly random numbers is a non-trivial task. To generate a single truly random number in software may require millions of clock cycles. To accomplish this without severely impacting other processing, a separate hardware accelerator is often used to offload the main processor, adding expense and complexity. Another solution is to substitute a significantly more powerful main processor, also adding expense.
There are other techniques that rely only on hardware to generate truly random numbers. Typically, the hardware computation of a random number begins by generating a seed that is obtained by monitoring a randomly varying parameter of a solid state device or other electronic component. For example, one may monitor the seek times of disk drives, thermal noise of a resistor, clock jitter in a phase locked loop, an XOR'ed combination of oscillator outputs, radioactive decay times, etc. These techniques require relatively expensive customized hardware. For example, monitoring thermal noise of a resistor requires both a specialized resistor and a zener diode.
What is needed are systems and methods for random number generation that require a minimum of specialized hardware and additional cost, and that can be readily applied to secure communications.