Random number generator attack
{{Short description|Class of attack on cryptographic systems}} The security of [[cryptographic]] systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some [[randomization]] is typically employed. Modern [[cryptographic protocol]]s often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as '''random number generator attacks'''. A high quality [[random number generator|random number generation]] (RNG) process is almost always required for security; a lack of quality generally opens attack vulnerabilities and so leads to a loss of security, up to complete compromise, in cryptographic systems.<ref>{{cite web|url=https://tools.ietf.org/id/draft-jenkins-cnsa-cmc-profile-00.html|title=Commercial National Security Algorithm (CNSA) Suite Profile of Certificate Management over CMS|author=Michael Jenkins|author2=Lydia Zieglar|work=IETF draft draft-jenkins-cnsa-cmc-profile-00|date=September 28, 2018|publisher=U.S. National Security Agency|quote=The use of inadequate pseudo-random number generators (PRNGs) can result in little or no security. The generation of quality random numbers is difficult.}}</ref>

The RNG process is particularly attractive to attackers because it is typically a single, isolated hardware or software component that is easy to locate. If the attacker can substitute pseudo-random bits generated in a way they can predict, security is totally compromised, yet this is generally undetectable by any upstream test of the bits. Furthermore, such attacks require only a single access to the system being compromised. No data need be sent back, in contrast to, say, a [[computer virus]] that steals [[key (cryptography)|keys]] and then e-mails them to some drop point.
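The claim that a substituted, predictable bit stream is "generally undetectable by any upstream test of the bits" can be demonstrated directly. The following is an added example, not part of the Wikipedia article: it implements the NIST SP 800-22 frequency (monobit) test and runs it against a constructed toy generator that derives every byte from a fixed seed by SHA-256 chaining. The toy generator, its seed and the function names are assumptions for illustration, not any real library's DRBG. Output from the toy generator looks statistically random to the test, yet anyone who holds the seed reproduces the stream exactly; the same holds for output from the operating system's CSPRNG, which the test cannot tell apart from the toy.

```python
import hashlib
import math
import os
from typing import Iterator


def predictable_stream(seed: bytes) -> Iterator[int]:
    """Constructed toy generator (not a real DRBG): each block is SHA-256 of the
    previous state, so the whole output is fixed by the seed. Anyone who knows
    the seed can regenerate every byte this generator will ever emit."""
    state = seed
    while True:
        state = hashlib.sha256(state).digest()
        yield from state


def take_bytes(gen: Iterator[int], n: int) -> bytes:
    """Pull n bytes from a byte generator."""
    return bytes(next(gen) for _ in range(n))


def monobit_pvalue(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test.

    Counts 1 bits versus 0 bits and returns the p-value of the observed
    imbalance under the hypothesis that the bits are uniform and independent.
    A p-value below the significance level (NIST uses 0.01) means 'fail'."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def passes_monobit(data: bytes, alpha: float = 0.01) -> bool:
    return monobit_pvalue(data) >= alpha


def demo(sample_len: int = 4096) -> dict:
    """Compare a genuine CSPRNG sample with the constructed predictable stream.

    The monobit test is an 'upstream test of the bits' in the sense of the
    article: it sees only the output. It cannot reveal that the predictable
    stream is fully determined by a seed someone else may know, which is why
    output testing is no substitute for a trustworthy entropy source."""
    seed = b"constructed-fixed-seed"          # constructed value, not real
    victim_gen = predictable_stream(seed)     # the subverted RNG in the system
    replica_gen = predictable_stream(seed)    # anyone else holding the seed
    victim_output = take_bytes(victim_gen, sample_len)
    replica_output = take_bytes(replica_gen, sample_len)
    genuine = os.urandom(sample_len)          # OS CSPRNG, for comparison
    return {
        "predictable_pvalue": monobit_pvalue(victim_output),
        "genuine_pvalue": monobit_pvalue(genuine),
        "replica_reproduces_output": replica_output == victim_output,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The defensive lesson is the one the article draws: statistical tests on generator output (this one, the rest of SP 800-22, Dieharder) are quality checks, not security checks. Protection has to come from the integrity of the entropy source and the seeding path, for example by drawing keys from `os.urandom` or the `secrets` module rather than from a generator seeded with a value that could be known or chosen by someone else.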