From: David Honig <honig@sprynet.com>
Date: Sun, 4 Oct 1998 16:09:19 +0800
To: Clifford Heath <cypherpunks-unedited@toad.com
Subject: Re: Randomness testing
In-Reply-To: <m0zOxtY-0001eoC@magpie.osa.com.au>
Message-ID: <3.0.5.32.19981004135242.00882410@m7.sprynet.com>
MIME-Version: 1.0
Content-Type: text/plain



At 03:36 PM 10/2/98 +1000, Clifford Heath wrote:
>We have been asked by a customer if we have any tests that demonstrate 
>the randomness of the SSLeay random number generator (augmented by some
>sound-card random number seeding that we wrote).
>
>I'd like to find some standard implementation for testing randomness, but 
>Schneier offers no help (other than a reference to Knuth Vol 2), and I
>don't know where else to turn.
>
>I realise that cryptographic randomness requires unpredictability, and
>this quality depends upon closed-world assumptions about unknown individuals'
>predictive powers, but we have to live with that.

* Marsaglia's DIEHARD suite, also see DIEHARDC
* I posted code for Maurer's Universal statistical test a week or so
ago; I find this discriminates between a cipher output and real noise...
* Find the RAND corp paper on random numbers 
* See FIPS 140