SEED Project

Pseudo Random Number Generation Lab

Overview

Generating random numbers is a quite common task in security software. Many developers know how to generate random numbers (e.g. for Monte Carlo simulation) from their prior experiences, so they use the similar methods to generate the random numbers for security purpose. Unfortunately, a sequence of random numbers may be good for Monte Carlo simulation, but they may be bad for encryption keys. Developers need to know how to generate secure random numbers, or they will make mistakes. Similar mistakes have been made in some well-known products, including Netscape and Kerberos.

In this lab, students will learn why the typical random number generation method is not appropriate for generating secrets, such as encryption keys. They will further learn a standard way to generate pseudo random numbers that are good for security purposes.

Tasks (PDF)

VM version: This lab has been tested on our SEED Ubuntu-20.04 VM

Time (Suggested)

Supervised (closely-guided lab session): 2 hours
Unsupervised (take-home project): 1 week

Feedback and Help

	Please give us your feedback on this lab using this feedback form.
	The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.