Lecture 10, key distribution for symmetric key cryptography and generating random numbers. The goals of this chapter are: Why might we need key distribution centers? Master key vs. session key, hierarchical and decentralized key distributions, generating pseudorandom numbers. | Lecture 10: Key Distribution for Symmetric Key Cryptography and Generating Random Numbers Lecture Notes on “Computer and Network Security” by Avi Kak (kak@) February 11, 2016 4:07pm c 2016 Avinash Kak, Purdue University Goals: • Why might we need key distribution centers? • Master key vs. Session key • Hierarchical and decentralized key distributions • Generating pseudorandom numbers • Generating cryptograhically secure pseudorandom numbers • Hardware and software entropy sources for truly random numbers • A word of caution regarding software entropy sources CONTENTS Section Title Page The Need for Key Distribution Centers 3 The Needham-Schroeder Key Distribution Protocol 5 Some Variations on the KDC Approach to Key Distribution 10 Kerberos 12 Random Number Generation 23 When are Random Numbers Truly Random? 25 Pseudorandom Number Generators (PRNG): Linear Congruential Generators 27 Cryptographically Secure PRNGs: The ANSI Algorithm 32 Cryptographically Secure PRNGs: The Blum Blum Shub Generator (BBS) 37 Entropy Sources for Generating True Random Numbers 40 Software Entropy Sources 47 /dev/random and /dev/urandom as Sources of Random Bytes 49 EGD — Entropy Gathering Daemon 54 PRNGD (Pseudo Random Number Generator Daemon) 58 A Word of Caution Regarding Software Sources of Entropy 60 Homework Problems 63 2 Computer and Network Security by Avi Kak Lecture 10 : THE NEED FOR KEY DISTRIBUTION CENTERS • Let’s say we have a large number of people, processes, or systems that want to communicate with one another in a secure fashion. Let’s further add that this group of people/processes/systems is not static, meaning that the individual entities may join or leave the group at any time. • A simple-minded solution to this problem would consist of each party physically exchanging an encryption key with .