Randomness

RANDOMNESS

Random numbers are very important for almost all cryptography operations. For example, if in the past task (One Time Pad) an attacker could find out the function that is used to generate "random" numbers, if the attacker find out this function he can generate the exact same key that we used to cipher our message.

The measure for randomness is called entropy.The entropy does not measure how many bits are in a value, but how uncertain we are about a value[1].

It is extremely hard to find real random data, however there are some physical processes that behave in a completely random way (e.g. ; the laws of quantum physics), but even with a complete random number we are exposed to certain kinds of attacks, for example, the attacker can influence the quantum particles to behave predictably. 

Linux Pseudo-Random Number Generator(LRNG)

In linux we can create pseudo random numbers by using the file /dev/random. /dev/random access to environmental noise collected from device drivers and other sources[2].The LRNG is composed of about 2500 lines of code, and in addition, hundreds of code patches were applied to the code during the last five years. FreeBSD has also his own cryptographically pseudo random number generator  which is based on the Yarrow Algorithm, one of the best known designs[3].

It's impossible to test whether a given sequence of values is random, because in a good random generator each possible value has the same probability to appear.

Bibliography

[1] Ferguson, kohno & Scheiner , (2010), Cryptography Engineering: Design Principles and applications, .

[2]  http://www.2uo.de/myths-about-urandom/

[3] Zvi Gutterman ,Benny Pinkas and T. Reinman (2006), Analysis of the Linux Random Number Generator
[4]http://elisa.dyndns-web.com/teaching/comp/sec/diap.pdf