Secure random numbers


Explanation: Generating random numbers for use in initializing pseudorandom number generators and cryptographic algorithms, using them correctly, and avoiding reusing them are challenging problems.

Vulnerabilities addressed: Addresses ineffective cryptographic mechanisms.

Developer resources required: Requires access to vetted procedures for random number generation; might be platform-dependent.

Evaluator resources required: Requires manual review of design and code.