Handbook of Applied Cryptography
Handbook of Applied Cryptography
"Pseudo-Random" Number Generation Within Cryptographic Algorithms: The DDS Case
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Guide to Elliptic Curve Cryptography
Guide to Elliptic Curve Cryptography
A model and architecture for pseudo-random generation with applications to /dev/random
Proceedings of the 12th ACM conference on Computer and communications security
Analysis of the Linux Random Number Generator
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Software generation of practically strong random numbers
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Beamauth: two-factor web authentication with a bookmark
Proceedings of the 14th ACM conference on Computer and communications security
Cryptanalysis of the windows random number generator
Proceedings of the 14th ACM conference on Computer and communications security
WebIBC: Identity Based Cryptography for Client Side Security in Web Applications
ICDCS '08 Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems
Hi-index | 0.01 |
With the increasing concerns over the security and privacy of Web based applications, many solutions based on strong cryptography have been proposed to protect client side Web applications against attacks such as phishing, pharming and even server side attacks. While strong cryptography is used, one critical building block in cryptosystem, the random number generator, is often neglected. Considering this situation, in this paper we design and implement a pseudo-random number generator only rely on ubiquitous Web browser abilities - JavaScript, HTML and AJAX. We also provide a mechanism called Pseudo-cookiefor JavaScript programs to access operating system services for retrieving random or entropy values without changing Web browser security policies. The security model, analysis and performance evaluation demonstrate that our method is secure and efficient.