
LavaRnd: A Open Source Project for Truly Random Numbers

Phil Windley writes "Truly random numbers are crucial to good encryption. Most people have heard of Silicon Graphics' use of Lava Lamps to generate random numbers. There were some problems: it required special SGI hardware and software along with six lava lamps, and the solution wasn't portable. But the biggest drawback was that SGI patented the idea so it wasn't freely available. Now, some of the scientists behind the SGI random number system have created LavaRnd, an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware. The system uses a saturated CCD in a light-tight can as a chaotic source to produce the seed. Software processes the result into truly random numbers in a variety of formats. The result is a random number that is cryptographically sound, ranking at the top of its class in the NIST 800-22 Billion bit test. It's even portable, so the truly paranoid can take it with them when they travel."
  • by umrgregg ( 192838 ) on Thursday August 14, 2003 @12:50PM (#6696890) Homepage
    I just used LavaRnd's Lotto Number Generator with default values and it returned:

    1, 2, 3, 4, 5, 6

    Talk about random...

    Anyway, my idea for an open source number generator is to have people on slashdot post the first number that comes to mind in this thread. I don't know if it could get more random.... (patent pending)

    • by wfberg ( 24378 ) on Thursday August 14, 2003 @12:52PM (#6696907)
      Anyway, my idea for an open source number generator is to have people on slashdot post the first number that comes to mind in this thread. I don't know if it could get more random.... (patent pending)

      69
      • by drewbradford ( 458480 ) <drew@drewbradford.com> on Thursday August 14, 2003 @01:03PM (#6697094) Homepage
        What strikes me as odd is that the term "random numbers" is still used even among us, the excessively nerdy. Of course, pseudo-random is better, but I think that "unpredictable" would be the best term.

        All numbers generated are based on something, so they'll never be truly random. The best that we can do is make them truly unpredictable, such that it cannot be determined which specific factors they are based on.

        ===
        http://www.drewbradford.com/
        • Yeah, but pseudo-random numbers are, by definition, predictable.
        • I understand what you're trying to say, but you're wrong. Nature is random. Heisenberg showed that not only can you not predict the occurrence of an event, but that if you get enough information to try to do so, then the event itself will happen differently than you would predict - and the difference is also random.

          Look at atomic decay. You can predict fairly well how fast a large sample of a radioisotope will decay, but it is flat-out impossible to predict when any given atom will decay. That's about

        • Huh? Pseudo-random numbers are those that follow a sequence you can predict, if you know how the generator works and what its internal state is.

          Random numbers are those you cannot predict. I'm no physicist, but I think quantum theory says that many natural events occur randomly - that is, there's no way of knowing which slit a photon will 'choose' to go through, and it isn't particularly 'based on' anything except a 50/50 probability.

          All numbers generated are based on something, so they'll never be tr

    • by inertia187 ( 156602 ) * on Thursday August 14, 2003 @12:52PM (#6696913) Homepage Journal
      You think that's bizarre, I got "503 Service Unavailable." How do I use that as a lotto number??
    • Anyway, my idea for an open source number generator is to have people on slashdot post the first number that comes to mind in this thread. I don't know if it could get more random.... (patent pending)

      The only numbers that generates is 42, 69, 503, and 23. I figure in 2 more posts you might get 17 too.

    • 14i (Where i = square root of -1)

      If you want a real number....
      72

    • by Elbelow ( 176227 ) on Thursday August 14, 2003 @12:59PM (#6697022) Homepage
      I just used LavaRnd's Lotto Number Generator with default values and it returned:

      1, 2, 3, 4, 5, 6


      Well, in a truly random sequence, this combination is just as likely as any other... :-)
    • Be sure to filter out all instances of '42' in the output.
    • Incredible! (Score:4, Funny)

      by mblase ( 200735 ) on Thursday August 14, 2003 @01:00PM (#6697049)
      I just used LavaRnd's Lotto Number Generator with default values and it returned:
      1, 2, 3, 4, 5, 6


      That's the same combination I use on my luggage!
    • Reminds me of what my friend that goes to Med-School used to do in their anatomy lab. Sometimes they needed to cut some parts to access others in the corpse. And said he would go around with the 'parts' saying

      Testis, Testis 1,2,3 Testis

      Just do not donate your body to science, ok?

    • How about 503?

      Myself, I like 2112.

      wbs.
    • by Guano_Jim ( 157555 ) on Thursday August 14, 2003 @01:11PM (#6697217)
      That sounds like the combination an idiot would have on his luggage!

    • I've had a gripe about random number research since I sat in on a guest colloquium on this topic in the late 80's.

      The word "random" cannot describe a result, only the process that generates that result. A truly random generator should be entirely capable of generating such patterned sequences like 1,2,3,4,5,6; although it should select them no more or less than any other sequence you care to consider interesting.

      Put another way, every seemingly random sequence will mean something very special to so
  • by Anonymous Coward on Thursday August 14, 2003 @12:51PM (#6696896)
    "But, sir, I need this lava lamp for my cubicle! It's required for encrypting our company's secrets. I also need the black light, for, uh... stopping pop-ups."
  • by hackstraw ( 262471 ) * on Thursday August 14, 2003 @12:51PM (#6696898)
    ... "truly random numbers in a variety of formats" ...

    Think about that for a second.
  • Sourceforge Copy (Score:5, Informative)

    by Anonymous Coward on Thursday August 14, 2003 @12:54PM (#6696940)
    Site's already /.'ed.

    You can nab the code off sourceforge though:
    http://sourceforge.net/projects/lavarnd
  • Analog is the key (Score:4, Interesting)

    by whatch durrin ( 563265 ) on Thursday August 14, 2003 @12:55PM (#6696961)
    Isn't the key to generating a truly random number having an essentially analog source?

    That being said, could you not measure the exact voltage on a CPU, or the ambient temperature to several decimals, or other environmental conditions, then use that as a base?

    • Can't. All your base are belong to us :)

      But the more you can add to the entropy pool, combining as many factors, the better. You can at least monitor cpu temperature. I wouldn't be surprised if you can monitor power usage and other things. Maybe your audio port, or mic jack.
    • Of course, the fallacy is that there is any such thing as a "truly random number." They've just found a good way to seed a pseudo random number, with a source that is really rather unpredictable. Exact voltage or ambient temperature could work as well (I'm sure someone's tried them), but I think the contention is that this is less predictable and therefore more random, than things that have been done before.
    • No, analog is NOT the key. You know that an analog source can't jump from the lowest possible value to the highest possible value in an instant, like is required for truly randomness.

      The value of the lava lamp is that it's very unpredictable -- the changes are minor, but how they occur is not predictable, meaning it's a good source as parts of seeding a random number generator.

      Regards,
      --
      *Art
    • Re:Analog is the key (Score:3, Interesting)

      by hackstraw ( 262471 ) *
      Isn't the key to generating a truly random number having an essentially analog source?

      Not necessarily. It's best to have some kind of chaotic source [lavarnd.org]. Also, being that the world we live in is analog, not digital, aren't all sources analog in nature?

      An interesting source for chaotic conditions would be weather. If one could pick a seed from an arbitrary date in history and a seed for some arbitrary extra weather condition (increase/decrease temp, humidity, pressure, etc) and feed that back into a weather
    • by henele ( 574362 ) on Thursday August 14, 2003 @01:18PM (#6697307) Homepage
      From an article [extremetech.com] on VIA's Antaur [via.com.tw] processor...

      "The Antaur also ships with Via's "Padlock" feature, a random-number generator that actually produces "true" random numbers by measuring random components of the thermal energy produced by the chip, according to its designer, Glenn Henry. RNG generators can be used to develop true randomized cryptographic keys."

    • Re:Analog is the key (Score:3, Interesting)

      by MxTxL ( 307166 )
      Isn't the key to generating a truly random number having an essentially analog source?

      Well, no. Just a strict analog source would be good if you could poll it at random intervals. Unfortunately, most regular analog sources follow a sine curve when you get to looking closely enough. Temperature will tend to fluctuate within a X of a degree around a certain temperature. No matter what resolution you look to, it will do the same thing, go a little up, and a little down. Basically following a sine curve. Poll
  • by Anonymous Coward on Thursday August 14, 2003 @12:56PM (#6696975)
    I don't want to start a holy war here, but what is the deal with you SGI lava lamp fanatics? I've been sitting here at my freelance gig in front of a lava lamp (SGI LavaRnd lamp) for about 20 minutes now while it attempts to create me a 17 Meg file of random numbers. 20 minutes. At home, the lava lamp I got from my mom, which by all standards should be a lot slower than this SGI lamp, the same operation would take about 2 minutes. If that. In addition, during this random number generation, Netscape will not work. And everything else has ground to a halt. Even Emacs Lite is straining to keep up as I type this.

    I won't bore you with the laundry list of other problems that I've encountered while working on various SGI lava lamps, but suffice it to say there have been many, not the least of which is I've never seen a SGI lava lamp that has run faster than its 1960s counterpart, despite the SGI lamp's smaller viscosity. My lamp with runs faster than this SGI lamp at times. From a productivity standpoint, I don't get how people can claim that the SGI LavaRnd is a "superior" machine.

    SGI addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use a SGI over other faster, cheaper, more stable systems.

    • You need an SGI with at least two CPUs to take advantage of the superior LavaRnd abilities! Also, dump Netscape for Mozilla!

      Your home PC LavaRnd setup may be able to generate a large random number faster than the SGI-based one... but the SGI LavaRnd has the architecture to generate many concurrent random numbers. It also has the ability to easily handle high definition random numbers without chugging!

      =)
  • First, (Score:4, Insightful)

    by EnderWiggnz ( 39214 ) on Thursday August 14, 2003 @12:57PM (#6696978)
    ...

    start with radioactive material... ...
  • Does it (Score:4, Funny)

    by Timesprout ( 579035 ) on Thursday August 14, 2003 @12:57PM (#6696982)
    A Open Source Project for Truly Random Numbers

    cause random n's to be dropped from sentences ?
  • by dlosey ( 688472 ) on Thursday August 14, 2003 @12:57PM (#6696984)
    It's even portable, so the truly paranoid can take it with them when they travel.

    that if one were truly paranoid they really travel in this day and age?
  • by AtariAmarok ( 451306 ) on Thursday August 14, 2003 @12:57PM (#6696990)
    I always wondered what was behind some of the moderation decisions I've been seeing!
  • other semiconductors (Score:5, Interesting)

    by fortunatus ( 445210 ) on Thursday August 14, 2003 @12:57PM (#6696991)
    audio circuits often use diode junctions in reverse-breakdown mode as a source of "white noise". couldn't we computer folks do the same? seems a similar idea to the dark CCD technique.
    • by Black Parrot ( 19622 ) on Thursday August 14, 2003 @02:08PM (#6697992)


      > audio circuits often use diode junctions in reverse-breakdown mode as a source of "white noise". couldn't we computer folks do the same? seems a similar idea to the dark CCD technique.

      I think there are already a lot of solid-state solutions out there that use thermal noise [google.com] to generate random bits. The lava-lamp solution and its derivatives sound like a lot of fun geeky fooling-around, but ultimately seem to be a solution in search of a niche.

  • by van der Rohe ( 460708 ) on Thursday August 14, 2003 @12:57PM (#6696996)
    I'm not a math guy. At all.
    So forgive me if this is dumb or not the right idea.
    But why not just use a sensitive microphone listening to the ambience in a room to "seed" some sort of algorithm?

    • by haystor ( 102186 ) on Thursday August 14, 2003 @01:04PM (#6697114)
      You are correct that white noise can produce appropriately random numbers.

      The problem is that for encryption purposes you may need some huge random numbers. If you want to do that from an analog solution you'll have to take your samples closer and closer together, until the numbers become less random. If you start sampling sound 1 million times a second, any two values next to each other may be really close and actually predictable.
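
The oversampling effect described in the comment above, as an added example that is not part of the original thread or of LavaRnd: it measures how predictable adjacent samples of a band-limited noise source become as the sample rate rises. The noise model, the 8 µs correlation time and the sample rates are constructed assumptions.

```python
import math
import random


def sample_source(dt, tau, n, seed=1):
    """Return n samples of band-limited Gaussian noise taken every dt seconds.

    The source is modelled as an Ornstein-Uhlenbeck process with correlation
    time tau (an assumption standing in for a real preamp or sensor). Two
    samples dt apart then have correlation rho = exp(-dt / tau).
    """
    rng = random.Random(seed)  # seeded: constructed, repeatable sample data
    rho = math.exp(-dt / tau)
    innovation = math.sqrt(1.0 - rho * rho)
    x = rng.gauss(0.0, 1.0)
    out = []
    for _ in range(n):
        out.append(x)
        x = rho * x + innovation * rng.gauss(0.0, 1.0)
    return out


def lag1_correlation(samples):
    """Empirical correlation between each sample and the next one."""
    n = len(samples)
    mean = sum(samples) / n
    var = sum((s - mean) ** 2 for s in samples)
    cov = sum((samples[i] - mean) * (samples[i + 1] - mean) for i in range(n - 1))
    return cov / var


def sign_bits(samples):
    """Harvest one bit per sample: 1 if the sample is non-negative."""
    return [1 if s >= 0.0 else 0 for s in samples]


def guess_accuracy(bits):
    """Hit rate of the trivial predictor 'next bit equals the previous bit'."""
    hits = sum(1 for a, b in zip(bits, bits[1:]) if a == b)
    return hits / (len(bits) - 1)


def min_entropy_bits(accuracy):
    """Upper bound on min-entropy per harvested bit implied by one predictor."""
    return -math.log2(max(accuracy, 1.0 - accuracy))


def evaluate(sample_rate_hz, tau=8e-6, n=20000):
    """Sample the modelled source at sample_rate_hz and score predictability."""
    samples = sample_source(1.0 / sample_rate_hz, tau, n)
    acc = guess_accuracy(sign_bits(samples))
    return {
        "lag1_correlation": lag1_correlation(samples),
        "guess_accuracy": acc,
        "min_entropy_bits": min_entropy_bits(acc),
    }


if __name__ == "__main__":
    for rate in (1_000_000, 100_000, 10_000):
        r = evaluate(rate)
        print(f"{rate:>9} Hz  corr={r['lag1_correlation']:.3f}  "
              f"guess={r['guess_accuracy']:.3f}  "
              f"min-entropy<= {r['min_entropy_bits']:.3f} bit/sample")
```

The figure is only an upper bound from one naive predictor; a harvester should credit less than this and pass the raw bits through a cryptographic hash before use.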

      • Right, and then there's the problem of isolation. The reason that the camera in this project is in a sealed box is because that if you are going to try and actually prove mathematically that the randomness of the system is truly random, it needs to be in isolation, outside of the realm of any intervention.

        Therefore, just putting a mic in a room allows for the possibility that the seed can be manipulated, although figuring out what sounds to make in the room to do so in a predictable manner is incredibly
    • Good idea, but insecure. What happens when I put a tuning fork next to it? That provides order, and order = no entropy = no randomness. It's too easy to tamper with, and a motivated attacker could limit or even predict the output.

      You're on the right track though. It's an analog source, just like the lava lamps.. but how the heck are you going to tamper with a lava lamp? :)

      -molo
    • by Suicyco ( 88284 ) on Thursday August 14, 2003 @01:11PM (#6697216) Homepage
      Because sound is not random at all. White noise is, but how often do you hear that? Not often. Voices, cars driving by, phones ringing, all of these are patterns. Patterns lead to cracks in the numbers that can be culled for weaknesses in the algorithm. This in turn leads to knowledge of what algorithm is being used, which in turn leads to a directed cryptanalysis of the data, exactly what true random numbers are meant to avoid.

      Even using mouse clicks, keystroke times, etc. is not random. That's why it's called "pseudo-random". Processing normal everyday sound through a PRNG (pseudo random number generator) is still only pseudo, not real.

      People have been working on this problem for decades. Trust me, what you are asking about has not only been tried, but been used and even attacked.
      • Sound does not give white noise, but thermal noise on a perfect resistor is perfectly white. An imperfect resistor can produce an excellent approximation of white noise within a fairly large bandwidth.

        As to working on the problem for decades, excellent commercial analog white-noise generators have been available for half a century or more. The only problem is making a very cheap white noise source that can be digitized conveniently.

  • by PrimeWaveZ ( 513534 ) on Thursday August 14, 2003 @12:57PM (#6697001)
    For generating random numbers: A quarter in my pocket and a lot of free time.
  • by mbreitba ( 662883 ) on Thursday August 14, 2003 @12:58PM (#6697013)
    I had a friend that 5 or 6 years ago used the "white noise" from his SB 16 to generate random numbers. Wouldn't this be much more portable than a lava lamp? -Matt
    • Good idea, but insecure. What happens when I put a tuning fork next to it? That provides order, and order = no entropy = no randomness. It's too easy to tamper with, and a motivated attacker could limit or even predict the output.

      You're on the right track though.

      -molo
    • Mod that "funny" rather than "insightful".

      Computers generate white noise by calculating random numbers and converting them to sound patterns.

      So when you sample that to turn it back into a number, you've done nothing more than waste CPU, bus, and sound-board resources to create what is probably a degraded level of randomness.
  • Lava lamps? Damn hippies.
    • Well, it's not a stupid idea. Lava lamps are created by a polymer that changes physical properties when heated and regains these properties when cooled down. When your "blobs" float towards the bottom, the heat from the light heats them up, they move upwards and cool off when they're farther away from the top. I can imagine that this change of physical property is quite random.
  • Can't be done. (Score:3, Informative)

    by Chess_the_cat ( 653159 ) on Thursday August 14, 2003 @12:58PM (#6697020) Homepage
    Unless the random-number generator is built outside of our Universe, it can't generate truly random numbers. Only pseudo-random ones. As it stands, there will always be something influencing the result. Fortunately for us, pseudo-random numbers are impossible to differentiate from random ones and are random enough to serve our purposes anyway.
    • Re:Can't be done. (Score:3, Insightful)

      by nat5an ( 558057 )
      Hey! Quit spoiling the party with actual facts!

      Seriously though. Your point is valid. In our universe, (good) pseudorandom numbers are just as random as anything else in the universe (that we consider random). The real problem is that people look for a distinction between random and pseudorandom when none exists.
    • Re:Can't be done. (Score:5, Interesting)

      by CyberGarp ( 242942 ) <Shawn.Garbett@org> on Thursday August 14, 2003 @01:16PM (#6697288) Homepage
      Ahh contrair, you assume hidden variables young grasshopper. Even Einstein had trouble believing that quantum physics depended on randomness. The hidden variable theory has been attacked from many angles, and no one has been able to prove yet that there are hidden variables, in fact there is much evidence that quantum mechanics depends on randomness.
    • Re:Can't be done. (Score:4, Informative)

      by alanh ( 29068 ) * on Thursday August 14, 2003 @01:18PM (#6697312) Homepage
      You're wrong. Quantum mechanical effects can be truly random. Nuclear decay is a good example of this.

      Set up a piece of radioactive material next to a geiger counter, plug your geiger counter into your PC and you can generate all the random numbers you want.
  • And it's already slashdotted. And it's from SGI scientists, heh.

    Anyway, it's gonna be great for cryptographers to have a source for truly random numbers. It's a pity that it requires CCDs and such. Although I can't see the site, so I can't determine if this can be done with hardware or something similar that would be better in server environments.
  • by kisrael ( 134664 ) on Thursday August 14, 2003 @01:00PM (#6697053) Homepage
    going back to the original idea, how cool would it be to have a lava lamp inside the case, maybe helping out all those heatsinks by converting heat into lava-moving power...with a window so you can see it as it generated all the random numbers you needed.

    "Anyone who considers arithmetical methods of producing random numbers is, of course, in a state of sin."
    --John von Neumann
  • Truly random numbers R LAME. LOL l337 HAX0Rs use the number "7" for every random seed. You can't tell if it's a seven or a 't'! Encrypshun R 4 DUMMMIES!

    </joke>
  • Study Chaos (Score:5, Insightful)

    by tshak ( 173364 ) on Thursday August 14, 2003 @01:01PM (#6697070) Homepage
    Nothing is truly random about a lava lamp, or even the fractals on a leaf. "Randomness" as we understand it has always been about complex order and large numbers. Meaning, it's too complex for us to see the pattern and the statistical possibility of numbers occurring in a measurable pattern over time is extremely low.
  • by call -151 ( 230520 ) on Thursday August 14, 2003 @01:01PM (#6697072) Homepage
    The Apple ][ computers used the pause between keystrokes, measured much more precisely than necessary and disregarding all but the last 8 bits, as an attempt at an analog random number seed for their pseudorandom number generator. Very simple and effective and I haven't seen many implementations of better systems around. One side effect was that if you had a program which ran off the boot disk with no keystrokes, it would do the same thing every time, no matter how improbable that was...
  • 123456? That's the combination of my luggage. I need new luggage!!!
  • by Dog and Pony ( 521538 ) on Thursday August 14, 2003 @01:03PM (#6697087)
    503 ;-)

  • Six Lava Lamps not to mention six photo-sensors? Why not six cheap antennas to measure radio noise? Probably take up less room too.
    • Re:Expensive! (Score:2, Informative)

      by Knight2K ( 102749 )
      I'm not a radio expert... but theoretically, couldn't a system like that be attacked by beaming out a strong known signal with limited range on the frequencies (or possibly spill across a broad spectrum) utilized by the random system? Then the attacker could guess the random series since it forced the generator to use a known seed.

      At least an optical system is tougher to interfere with since the local user knows what the camera is looking at.
  • Paranoid (Score:5, Funny)

    by Quill_28 ( 553921 ) on Thursday August 14, 2003 @01:03PM (#6697098) Journal
    >so the truly paranoid can take it with them when they travel."

    pfftt, like there is anyone on Slashdot that is paranoid.

  • by dschuetz ( 10924 ) * <davidNO@SPAMdasnet.org> on Thursday August 14, 2003 @01:03PM (#6697101)
    I've always wondered if the double-slit experiment, in a particle mode, would be a good way to generate random numbers.

    The phenomena (for those unfamiliar with it) is putting two closely-spaced slits in a piece of paper and then shining a light through it. You end up with a spreading fringe of light and dark patterns, as the light waves coming through the slits interfere with each other.

    Where it gets spooky is when you drop the light source down to where it emits photons one at a time -- they *still* interfere with each other, even though there aren't any other photons present at any given point to interfere with.

    Anyway, I seem to recall that the place where each photon ends up is random. So why not put a low-power, stream-of-single-photons light source on one side of the double-slit, and a pair of sensors on the other side? Label one sensor "0" and the other "1" and interpret the strings as binary numbers. Convert (and optionally send them through a bit blender) and you're done.

    I'd think this could be manufactured in a small chip-like package, and made a standard motherboard component.

    Has anyone investigated this approach? If so, I'd be curious to hear what their results were (and if it turns out not to be as random as one would like).
    • by zeotherm ( 698238 ) on Thursday August 14, 2003 @01:12PM (#6697229)
      Where to begin... For starters, the double slit experiment, to see the neat effects of single electron interference, must be done in a vacuum. The electrons must not be influenced by anything else at all, like air/gas molecules. Also, it must be done at temperatures near absolute zero, where the thermal bath of the environment doesn't wash out the quantum effect you are talking about... Just not possible on a portable system...
  • When I read the first instance of the word "portable" I thought "How hard could it be to port this kind of code to another platform?" It was only on reading the second instance that I realized they meant the good old-fashioned real-world lugging-things-about portability :-).

    Spending time in specialized fields really tends to change the meaning of common words.
  • "...it required special SGI hardware and software along with six lava lamps, and the solution wasn't portable."

    No shit, Sherlock! Can you imagine lugging six lava lamps and an SGI box round with your powerbook?

  • How about just pseudo-randomly snagging LAN IP packets and pseudo-randomly extracting bytes from those? E
  • How about this...

    Would it be possible to do something like get a blank CDR, scratch it up with a brillo pad and then have software that would try and read from point A to point B even though there were no files? All the scratches would render parts of the CD unreflective. The same as seeing a stream of 0s. The part that was not scratched would still be reflective, making it a 1. Cheap, extremely portable, and the chances of doing it the exact same way twice are almost NULL.

    When you're done, just microwav

    • The system you propose is a form of one time pad. While it works in theory, it is not the application needed here. Random numbers are needed in streams where there can be no pattern known or logical pattern findable. How many ways can you think to scratch a CD? Up and down, right and left, circles? With this sort of information you could start to predict the general "form" of the number. Besides, when you need a stream of numbers it needs to change over time. The CD is scratch once use once.
  • This will produce a truly random signal (white noise) which is completely unpredictable. $0.05 solution + $2-5 in external components is all you need.
  • What's up with the favicon [lavarnd.org] that lavarnd is using? I don't get it...it seems totally random.

  • ....welcome our new Lavalamp overlords.
  • Who cares about security. Games are more important! Truly random numbers can enhance the gameplay for some games no end. And another good use: I have xv pick a random picture from a directory to use as background image every time I start my machine up. I soon noticed that some pictures appear more often than others. So maybe someone can use this random number generator in xv, please!
  • by phorm ( 591458 ) on Thursday August 14, 2003 @01:15PM (#6697272) Journal
    How about transmitting a signal through some form of changing medium? Really, with the lavalamp approach, all that fancy webcam stuff isn't needed. How about just using a lavalamp type setup with various different floating substances (density, reflectiveness, etc) and shooting some form of beam through it at various areas - calculating the number based on the returned signal?
    You don't really need a lavalamp for this either, passing an electrical signal over a short arc-gap, perhaps filling with a changing substance would probably also produce random voltage fluctuation.

    Of course, the real issue is making randomness with a large range (1-100% with many many decimal points) and a large enough variability (that is, any decimal number between 1-100% having an equal opportunity for occurring at any particular interval).

    I'm thinking that in electrical and biochemical reactions there would also be a lot of randomness, the wide-universe and entropy and all considered?.
  • Paranoid?? (Score:5, Funny)

    by ocie ( 6659 ) on Thursday August 14, 2003 @01:23PM (#6697373) Homepage
    the truly paranoid can take it with them when they travel.

    Oh, that just what you'd want us to do isn't it???
  • Different objectives (Score:5, Informative)

    by m11533 ( 263900 ) on Thursday August 14, 2003 @01:27PM (#6697422)
    The original motivation for random number generators was simulation. One of the early mainframes, and I am afraid I forget which one, included a true random number generator. It was an unexpected disaster, totally unusable for simulation and other then-state-of-the-art users of random numbers. They were "too random".

    It turns out that for an experiment to be useful it needs to be repeatable. Thus, it was critical that users be able to repeat the sequence of "random" numbers. Thus the reason why all random number mechanisms permit you to set the seed... otherwise they could just use a sufficiently random seed and life would be good.

    Another aspect of random number is that they must not only be "random", but they need to have a well defined distribution over the range of possible values. You might assume it is desirable to have a linear distribution, which IS useful in some settings, but other distributions ("bell curve", and exponential come to mind) are also extremely useful.

    IF one has a real need for truly random numbers, the source for those number does need to perform to a certain distribution over the range of possible values. And it can not be used to the exclusion of the existing techniques which have been extremely useful in their intended problem domains. This is really just another case of a good solution in one problem domain being used in another without its underlying foundation being examined for applicability to that new problem domain.
  • by plcurechax ( 247883 ) on Thursday August 14, 2003 @01:53PM (#6697767) Homepage
    When designing and building a physical cryptographic strong random number generator (CSRNG, not CSPRNG) you are looking for many things including:

    * a uniform or near uniform distribution of the output.
    * it must be unpredictable
    * it should be very hard / impossible for attacker to influence the output of the CSRNG.

    The first two are reasonably easy with physical RNG, but the last one is the kicker when it comes to actually implementing the CSRNG.

    The attacker shouldn't be able to influence it by poking a pin-hole in the case (of a light sealed chamber around the CCD), or putting a heat source next a lava lamp (so the goo stays at the top)
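
One way a harvesting process can notice the kind of influence described in the comment above (a light leak or a heat source) before crediting any entropy, as an added example that is not LavaRnd code or part of the original thread. It is modelled on the repetition count and adaptive proportion health tests in NIST SP 800-90B; the three sensor models, their sample values and the claimed 4 bits of entropy per 8-bit sample are constructed assumptions.

```python
import math
import random

ALPHA_LOG2 = 20  # per-test false-alarm rate alpha = 2**-20


def rct_cutoff(h):
    """Run length that a source with h bits/sample should almost never reach."""
    return 1 + math.ceil(ALPHA_LOG2 / h)


def critbinom(n, p, q):
    """Smallest k such that P[Binomial(n, p) <= k] >= q."""
    cdf = 0.0
    for k in range(n + 1):
        log_pmf = (math.lgamma(n + 1) - math.lgamma(k + 1) - math.lgamma(n - k + 1)
                   + k * math.log(p) + (n - k) * math.log1p(-p))
        cdf += math.exp(log_pmf)
        if cdf >= q:
            return k
    return n


def apt_cutoff(h, window=512):
    """Count of one value per window that signals a loss of entropy."""
    return 1 + critbinom(window, 2.0 ** -h, 1.0 - 2.0 ** -ALPHA_LOG2)


def health_check(samples, h, window=512):
    """Return the set of tests that tripped on the raw samples."""
    failures = set()

    # Repetition count: catches a source stuck on one value.
    limit, last, run = rct_cutoff(h), None, 0
    for s in samples:
        run = run + 1 if s == last else 1
        last = s
        if run >= limit:
            failures.add("repetition")
            break

    # Adaptive proportion: catches one value dominating a window,
    # even when it never repeats back to back.
    limit = apt_cutoff(h, window)
    for start in range(0, len(samples) - window + 1, window):
        block = samples[start:start + window]
        if block.count(block[0]) >= limit:
            failures.add("proportion")
            break
    return failures


# --- constructed sensor models (8-bit pixel values), not captured data ---

def healthy_sensor(n, seed=7):
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(n)]


def leaking_sensor(n, seed=7, pinned=0.9):
    """Pin-hole in the can: most pixels read full scale, the rest still noise."""
    rng = random.Random(seed)
    return [255 if rng.random() < pinned else rng.randrange(256) for _ in range(n)]


def flicker_sensor(n):
    """Externally driven source that alternates between two levels."""
    return [0 if i % 2 == 0 else 255 for i in range(n)]


if __name__ == "__main__":
    for name, data in (("healthy", healthy_sensor(4096)),
                       ("leaking", leaking_sensor(4096)),
                       ("flicker", flicker_sensor(4096))):
        print(name, sorted(health_check(data, h=4)) or "ok")
```

Passing these checks shows only that the source has not failed grossly; it says nothing about whether the output is unpredictable to someone who can observe or model the sensor.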
  • Silly overkill (Score:4, Interesting)

    by Phil Karn ( 14620 ) <karn@@@ka9q...net> on Thursday August 14, 2003 @02:02PM (#6697898) Homepage
    Generating random bits with a lava lamp has always seemed like silly, impractical overkill to me. For years, the Linux kernel has had the /dev/random driver that distills entropy from external events, and now it can be seeded by the hardware random bit generators found in many modern CPUs.

    Nearly every PC also has a sound interface that could also be used as a rich source of random seed bits. You don't even need a microphone; just crank up the gain and digitize the analog noise in the microphone preamp.

  • My Way (Score:3, Funny)

    by Mignon ( 34109 ) <satan@programmer.net> on Thursday August 14, 2003 @02:47PM (#6698492)
    The system uses a saturated CCD in a light-tight can as a chaotic source to produce the seed.

    I use porn in a dimly-lit room to produce the seed. To each his own.
