[Cryptography] The ultimate random source
leichter at lrw.com
Tue Feb 18 06:56:39 EST 2014
On Feb 18, 2014, at 12:35 AM, Peter Gutmann wrote:
>> If you really want to go the route of physical "randomness", get a bunch of
>> glitter, put it in a fluid, and use something to stir it.
> Or point the webcam at a snow globe.
What do you think inspired my design? :-)
Actually, it was a combination of two ideas: The suggestion of using glitter nail polish as a tamper detector, as the exact pattern in which it dries is "random" - really just "highly complex and (apparently) impossible to replicate" - with a snow globe to make the pattern dynamic.
> (Another neat source is to take something with a fairly complex structure, say a couple of scale model trees, glue them onto a base that you put on top of a solar-powered rotating display stand, and point a webcam at it).
Using Denker's terminology, I would classify that as "squish": You have no idea how to predict the results (because of the complexity of the system), but also no way to prove that *no one else* could predict the results.
My proposal, while not meant to be taken entirely seriously, *could* be realized in a way amenable to actual analysis. It has a source of true physical randomness (Brownian motion), and is chaotic (thus magnifying any small true randomness into larger degrees of unpredictability). That's just my unchecked assertion, but the physics is well understood and could be worked out if anyone cared.
Mind you, as a matter of practical cryptographic engineering, all kinds of physical generators are likely plenty unpredictable enough. But if you're going to go to the trouble of building a physical generator, why not build one you actually understand? Then, for one thing, you'll know what parameters to check to make sure someone hasn't snuck in and loaded the dice: Modified the system to make it easy to predict.
More information about the cryptography