Randomness of Generated Keys

To prevent key generation from being predictable, keys must be generated randomly. However, keys that are generated by computer software are never generated in a truly random manner. At best, software-key generators use pseudo-random processes to ensure that virtually no one can predict what keys are going to be generated. However, if an attacker can predict the major variables that are used in key generation, he or she also can predict what keys will be generated.

When properly implemented, software-based key generation provides ample security for a wide range of network and information security needs. But there is always a slight risk associated with software-generated keys, no matter how well the random-key generator is implemented. Therefore, to provide maximum protection of highly valuable information, consider deploying security solutions that provide truly random, hardware-generated keys.