Startup to launch new random number generator from space

Leichter, Jerry leichter_jerrold at emc.com
Mon Dec 25 08:36:23 EST 2006 

| >http://news.zdnet.com/2100-1009_22-6142935.html
| >
| >British start-up Yuzoz has announced that it will be launching its 
| >beta service in the next two weeks--an online random-number generator 
| >driven by astronomical events.
| 
| Heh heh.  Pretty amusing.  I guess the founders haven't really thought
| this through.  One problem with such a service, of course, is total
| reliance upon Yuzoz: Yuzoz learns all your secret keys -- and so does
| any hacker who figures out how to break into Yuzoz's servers.  That doesn't
| sound like such a great deal -- especially considering that high-quality
| random-number sources are not that hard to come by.
| 
| I guess we can take ill-conceived startups like this as a sign of
| increasing awareness about the security risks and the need for security
| solutions, even if there is some, err, lack of sophistication about how
| to distinguish good security technology from bad.  (Quantum crypto seems
| like another one for that camp.  Oracle's "Unbreakable" marketing slogan
| was another good one.)
There are at least three ways this kind of thing could make sense:

	1.  As part of something like Rabin's Beacon protocols.  For
		this purpose, you need a reasonable bit rate and
		confidence that the data really is random and cannot
		be seen ahead of time by anyone.  The assurances
		that Yuzoz is giving seem to head somewhat in that
		direction, though I doubt they are really thinking
		about this.  (Granted, the problems Rabin was trying
		to solve with beacons have since been solved using
		other techniques.  But that doesn't make this kind
		of thing laughably bad.)

	2.  As part of a number of techniques in which one generates a
		long secure sequence by picking bits from a random stream 
		using a key.  I think the basic ideas picked them from
		a high-resolution digitized photo of the moon.

	    The bit rate Yuzoz is proposing is too low to be useful for
		this purpose except in unusual circumstances.

	3.  For fun.  I think this is clearly the market they are aiming
		at.  Look at their comments about how they picked their
		own name, for example.  Gambling is a big source of
		many on the Internet, and I can see all kinds of products
		based on this being sold to gamblers, for example.

If you just read the quotes in the article from the CEO, it's clear
that he's more concerned about marketing - and especially the connection
to space - than about usage in cryptography, or likely and particular
usage.

How about a nice pet rock laser-inscribed with random bits from Yuzoz?
Brings together light, earth, and space - a sure winner.

							-- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list