DOI: https://doi.org/10.17487/RFC8937
Discuss this RFC: Send questions or comments to the mailing list cfrg@irtf.org
Randomness is a crucial ingredient for Transport Layer Security (TLS) and related security protocols. Weak or predictable "cryptographically secure" pseudorandom number generators (CSPRNGs) can be abused or exploited for malicious purposes. An initial entropy source that seeds a CSPRNG might be weak or broken as well, which can also lead to critical and systemic security problems. This document describes a way for security protocol implementations to augment their CSPRNGs using long-term private keys. This improves randomness from broken or otherwise subverted CSPRNGs.
This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.