doctorow at December 10th, 2013 12:39 — #1
nixiebunny at December 10th, 2013 13:06 — #2
We used to call this behavior paranoid. Now it's called prudent.
boundegar at December 10th, 2013 14:14 — #3
But most random number generators are only pseudo-random anyway. Even if they're not deliberately compromised, they still can't be trusted. I see a market for a radium sample in a tiny USB device.
wrecksdart at December 10th, 2013 14:50 — #4
I understand some Mexican folks had some radioactive stuff to se...oh, wait, that's funny they were online just the other day...
anthonyc at December 10th, 2013 15:10 — #5
Also, it isn't clear to me whether the thermal noise Intel (I think) uses is random in a quantum mechanical sense (even in the absence of NSA tampering). If not, are its biases of the sort where Von Neumann's method of extracting the randomness that is there would be effective?
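Added worked example, not part of anthonyc's comment or anyone else's: a small Python script showing what Von Neumann's extractor does and does not fix. It feeds two constructed bit sources through the extractor: one with independent bits biased toward 1 (the case the method is designed for) and one whose bits depend on the previous bit, a stand-in for a correlated or filtered noise source. The source parameters, seeds and helper names are assumptions chosen for the demo, not values from any real hardware generator.

```python
"""Von Neumann debiasing demo (added example, not from the thread).

Two constructed bit sources:
  * biased_independent_bits: each bit is 1 with probability p, independent
    of the others.  Von Neumann's pairing trick removes this kind of bias.
  * correlated_bits: a two-state Markov chain where the next bit depends on
    the previous one, a crude stand-in for filtered/correlated noise.  The
    extractor still balances the 0/1 count, but the output stays serially
    correlated, which a plain frequency count would never reveal.
"""
import random
from typing import Iterable, Iterator, List


def von_neumann_extract(bits: Iterable[int]) -> Iterator[int]:
    """Classic Von Neumann extractor: read non-overlapping pairs, emit 0 for
    (0,1), 1 for (1,0), discard (0,0) and (1,1).  A trailing odd bit is dropped."""
    it = iter(bits)
    for a in it:
        b = next(it, None)
        if b is None:
            return
        if a != b:
            yield a


def biased_independent_bits(n: int, p_one: float, seed: int) -> List[int]:
    """Constructed source: n independent bits, each 1 with probability p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def correlated_bits(n: int, p_flip_from_0: float, p_flip_from_1: float, seed: int) -> List[int]:
    """Constructed source: two-state Markov chain.  From state 0 the next bit
    is 1 with probability p_flip_from_0; from state 1 it is 0 with probability
    p_flip_from_1.  Consecutive bits are therefore not independent."""
    rng = random.Random(seed)
    out: List[int] = []
    state = 0
    for _ in range(n):
        flip = p_flip_from_0 if state == 0 else p_flip_from_1
        if rng.random() < flip:
            state ^= 1
        out.append(state)
    return out


def fraction_ones(bits: List[int]) -> float:
    """Share of bits equal to 1 (0.5 for an unbiased stream)."""
    return sum(bits) / len(bits) if bits else 0.0


def fraction_equal_neighbours(bits: List[int]) -> float:
    """Share of consecutive pairs (b[i], b[i+1]) that are equal.  For an
    independent unbiased stream this is about 0.5; values well away from 0.5
    indicate serial correlation."""
    if len(bits) < 2:
        return 0.0
    return sum(1 for i in range(len(bits) - 1) if bits[i] == bits[i + 1]) / (len(bits) - 1)


def analyse(raw: List[int]) -> dict:
    """Statistics for a raw stream before and after Von Neumann extraction."""
    debiased = list(von_neumann_extract(raw))
    return {
        "raw_ones": fraction_ones(raw),
        "raw_equal_neighbours": fraction_equal_neighbours(raw),
        "out_ones": fraction_ones(debiased),
        "out_equal_neighbours": fraction_equal_neighbours(debiased),
        "out_len": len(debiased),
        "yield": len(debiased) / len(raw),  # output bits per input bit
    }


if __name__ == "__main__":
    n = 40000
    print("biased, independent (p=0.8):", analyse(biased_independent_bits(n, 0.8, seed=1)))
    print("correlated Markov source:   ", analyse(correlated_bits(n, 0.3, 0.1, seed=2)))
```

For the biased independent source the output frequency lands near 0.5 and the neighbour statistic stays near 0.5, at the cost of keeping only about 16% of the input bits (each pair survives with probability 2p(1-p)). For the correlated source the output frequency is also near 0.5, but consecutive output bits agree far less often than half the time, so the extractor has not produced independent bits. That is the practical answer to the question above: Von Neumann's method is the right tool for bias in independent samples, but not for samples that carry memory of their predecessors, and measuring only the 0/1 balance will not tell the two cases apart.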
anthonyc at December 10th, 2013 15:14 — #6
phasmafelis at December 10th, 2013 17:13 — #7
I thought /dev/random and similar generators produced truly random results in most cases by drawing on electrical noise from device drivers. (Albeit it's very slow if large amounts of entropy are required.)
crenquis at December 10th, 2013 17:24 — #8
I recall meeting with this fellow once -- radioactive random pulse generator chips are his "thing":
FPO: Tsuyuzaki, Noriyoshi
crashproof at December 10th, 2013 17:35 — #9
In my previous career as an MMO developer, the kinds of complaints I heard about RNGs were:
-- we need a deterministically reproducible series of pseudo-random numbers.
-- the Mersenne Twister algorithm you used to give us a deterministically reproducible series of pseudo-random numbers is too slow.
-- claims based on anecdote, a poor understanding of statistics, and lack of realization that the RNG is doing far more than just your loot rolls.
I wish I could throw this into that third category. Unfortunately these days you can attribute things to malice that should have been mere stupidity.
"Security" is really kind of the opposite of what the NSA does.
boundegar at December 10th, 2013 18:31 — #10
Only if the hardware is in place, which is why I suggested a radium key-fob. Most computers, regardless of size, just use pseudo-random numbers, which are fine for most applications. Also, I think this article was discussing pseudo-random generators.
michael_r_smith at December 11th, 2013 03:29 — #11
How about a smoke detector and a photo transistor?
raybert at December 11th, 2013 14:45 — #12
If it comes out of a machine it's not random.
(I think Weizenbaum said something like that but I'm too lazy just now to verify it.)
Anyway, how about atmospheric static? That should be random and I'd rather have a USB fob with a radio receiver in it than radium or pitchblende.
BTW: if the RNG is based on radioactive decay, could basalt or granite be used? Or would you need tons of the stuff to have a powerful enough source?
(I know there are regulars on bbs who can do the math on that, mine's pretty rusty and always was a little superficial to begin with.)
boundegar at December 11th, 2013 20:36 — #13
Hell if I know, but pitchblende is such a cool word I vote for it.
technogeekagain at December 12th, 2013 21:35 — #14
If it comes out of a noise diode, it may be filtered noise rather than white noise, but it should be pretty random once you allow for that. Atmospheric static or radioactive decay or whatever would also work, but are a lot more complicated and no less vulnerable to tampering if you're presuming you can't trust the manufacturer -- arguably more so since these are at least as subject to influence from outside the box.
As always, there are more bad ways to implement security than good ones.
As always, perfect security is largely a myth, and cost goes up exponentially as you get closer to it.
As always, the real key is understanding when good enough for your purposes really is good enough... and when you should just go completely outside the box and have someone flip a coin 64 times or grab the nearest UPC or otherwise take a number from some source that they trust is Completely Irrelevant.
goretsky at December 14th, 2013 05:28 — #15
It is interesting that there was no mention of AMD's CPUs.
raybert at December 14th, 2013 12:01 — #16
There's the rub.
Are there any reasonably feasible methods on a DIY level?
raybert at December 14th, 2013 12:03 — #17
I dimly remember them producing errors, wasn't there something like this some years ago?
However, if the error was reproducible, it wouldn't be random.
doctorow at December 15th, 2013 12:40 — #18
This topic was automatically closed after 5 days. New replies are no longer allowed.