Thales Blog

Data Encryption: Random Or Pseudorandom?

March 26, 2012

If you want to use encryption, you need to use keys. A key is (or rather should be) a random number that can encrypt or decrypt your information. A strong key is strong because the random nature of the chosen number means it could lie anywhere on a virtually endless number line. As readers of this blog will know, once you have a strong key, effective key management is essential to ensure the data it protects remains secure.

A recent study (which I referenced in a previous post ) found that a small percentage (0.38%) of over 7 million public keys share a common factor and subsequently can be easily compromised. As Bruce Schneier recognises in his blog post, these 'weak' keys were almost certainly created with a poor random number generator. A poor random number generator does not create 'random' numbers, only 'psuedorandom' numbers i.e. numbers generated by a predictable process. Keys based on pseudorandom numbers are liable to compromise, meaning that data encrypted with such keys are not secure.

How then can you be sure that your data is encrypted with keys based on truly random numbers? As one of our Standards of Due Care when deploying encryption, Thales recommends that you always 'know the origin and quality of your keys'. In practice, this means that you should generate keys using tamper-resistant devices that are capable of generating truly random numbers such as Hardware Security Modules.

We also recommend that you 'adopt independently certified products wherever possible'. It's safe to assume that the 0.38% of public keys which shared a common vulnerability were created using uncertified encryption methods. There is little point going to the effort of locking the door if you simply leave the key under the matt.

I'm going to get a little technical here. Generating a strong key ultimately relies on a good source of entropy that is obtained by measuring something. Measurements of time and interrupt counters (as used in most firmware or software random number generators) are predictable and inherently weak. Measurements of thermal noise or radioactive decay are impossible to predict and truly random. You can't tell whether a key is really random by just looking at it due to the multiple steps involved in key generation - you need to be sure therefore that your key generator can really make random keys. The safest way to do this is by deploying an independently certified, tamper resistant product such as a FIPS 140-2, level 3 Hardware Security Module with a true hardware range number generator. This independent certification process checks the integrity and accuracy of all key management operations including key generation.

To download a copy of the 2011 Global Encryption Trends Study which includes Thales' Standards of Due Care, click here