Why LavaRnd?
To understand why LavaRnd should be considered a necessity a little
knowledge about cryptography is required.
Cryptography is used to validate your identity and to protect
your information from being (ab)used or altered.
Whenever you make a purchase on-line, or if you use an on-line banking or
investing service you are using cryptography.
You also use cryptography when you withdraw money from your bank using
a machine.
 |
|
The Key is the Key:
The protection of your
data depends on
using a good key
that others cannot guess.
|
|
In order to create the best cryptographic methods, cryptographers divide
the methods into two parts, an algorithm which describes how the
technique works and a key.
Good algorithms are very hard to design, it requires a group effort and
extensive study.
For a good algorithm that has been well studied, it cannot be a secret.
Therefore your protection when using cryptography comes from the key.
The key must be secret.
So what makes a good key?
There are two ways to make sure you have a good key.
The first is that the cryptographic method must allow the key to have
a large number of possible values.
It should take a very long time, with even the fastest imaginable
computer, to try all of the keys in order to find the correct one.
The second is to make sure the key is unguessable.
When it comes to computers, unguessable means that the key cannot be
predicted, it must be random.
|
| Computers:
Designed to be reliable,
not spontaneous.
Software alone cannot
generate secure random keys.
|
|
Computers are typically
very bad at being random because they are designed to be able
to reliably calculate the same answer, if given the same data to work with.
When computers don't behave this way they are considered broken and in
need of repair or replacement.
Keys generated by a pure software process on your typically
predictable computer will always, at some level,
be predictable.
What is next?
|
