[Cryptography] Radioactive random numbers
Marcus D. Leech
mleech at ripnet.com
Wed Sep 11 21:06:35 EDT 2013
On 09/11/2013 07:18 PM, Perry E. Metzger wrote:
>
> The attraction of methods that use nothing but a handful of
> transistors is that they can be fabricated on chip and thus have
> nearly zero marginal cost. The huge disadvantage is that if your
> opponent can convince chip manufacturers to introduce small changes
> into their design, you're in trouble.
>
> Perry
And this is the reason that I'd be in favour of "diversity" -- using
sound cards, lava-lamps, etc, etc. Sources that don't explicitly
identify themselves
as "the random number generator".
There's no way for a bad actor to cover "all the bases", and since these
things are primarily used for things other than random-number sources,
it may be hard to "break" them in ways that doesn't also break their
primary purpose (although, if you're just mucking with the low-order
"noise bits" of some arbitrarily-chosen digitization of a real-world
source, it would be hard to tell the difference).
--
Marcus Leech
Principal Investigator
Shirleys Bay Radio Astronomy Consortium
http://www.sbrac.org
More information about the cryptography
mailing list