Lava lamp random number generator made useful?

Alan alan at clueserver.org
Tue Sep 23 16:56:27 EDT 2008 

On Tue, 2008-09-23 at 00:09 -0700, Jon Callas wrote:
> >> A cheap USB camera would make a good source.
> >> The cheaper the better, too. Pull a frame off,
> >> hash it, and it's got entropy, even against a
> >> white background. No lava lamp needed.
> >
> > I sort of agree, but I feel cautious about recommending that people
> > use their holiday snaps.  And then post them on line...  if you see
> > where I am going :)
> >
> > But it is a good suggestion.
> 
> That's not at all what I suggested. There are so many ways that one  
> can creatively screw up reasonable cryptographic advice that I don't  
> think it's worth bothering with.
> 
> The point is that if you take a cheap 640x480 (or 320x240) webcam and  
> point it against a photographic grey card, there's going to be a lot  
> of noise in it, and this noise is at its bottom quantum in nature.  
> Thus, there's a lot of entropy in that noise. Photographic engineers  
> work *hard* to remove that noise, and you pay for a lack of noise.
> 
> I'm willing to bet that if I give you hashes of frames, knowing this  
> process, you can't get pre-images. I'll bet that you can't get pre- 
> images even if I let you put a similar camera next to the one I'm  
> using. In short, I'm willing to bet that a cheap camera is a decent  
> random number source, even if you try to control the image source, to  
> the tune of 128-256 bits of entropy per frame.
> 
> No lava lamps are needed, no weird hardware. Just use the noise in a  
> CCD.

Another option would be to use noise.  If you have a webcam, you also
have some sort of sound input usually.  Crappy microphones will give you
all sorts of hashable input.  (My non-webcam enabled laptop has two tiny
microphones above the screen.  It would be good to put them to some
use...)  And is it every truly quiet?  Not certain how long of a sample
you would need.  I suspect not that long.

"To generate a random seed, please scream at your computer for 30
seconds."

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list