[Cryptography] The ultimate random source

Phillip Hallam-Baker hallam at gmail.com
Tue Feb 18 13:06:50 EST 2014


On Tue, Feb 18, 2014 at 12:42 PM, Philip Gladstone <
pjsg-cryptography at nospam.gladstonefamily.net> wrote:

> On 2/18/14, 11:45 AM, Phillip Hallam-Baker wrote:
>
>> One important boundary condition is that I want the operation of the
>> random number generator to be completely auditable so that we can tell
>> with a very high degree of confidence that no strange business has
>> taken place.
>>
>> So for example, let's take a cut and choose type protocol.
>>
>> What I want is a machine that I can cause to perform the random number
>> acquisition process repeatedly without knowing whether the machine
>> itself is being audited or not. So we have the dice roll in a
>> transparent box 256 times and on one occasion chosen using a process
>> that could not be predicted when the machine is configured we put a
>> cover over the camera so the dice rolls are not observed.
>>
>> We check that the results are consistent with the observations from
>> the second camera in the other 255 cases. Thus an occasional defection
>> attack has only a 1 in 256 chance (i.e. 8 bits) of success.
>>
>
> Where does the random number come from that indicates which of the rolls
> is not observed? I suspect that you are just moving the problem around....


That can just be any dice roll that is not observable by the recorder.
There are two separate requirements here:

1) A randomly assigned output.

2) A randomly assigned output that is not known to any other party.


What does come under the rubric of 'just moving the randomness about' at
the moment is the combination of the partial random inputs into a single
output.

But I can generate a public/private keypair from each 128 bits of random
output. And that is probably enough leverage to solve the rest of the
problem.


-- 
Website: http://hallambaker.com/
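
Added example, not part of the original message or of any code by its author: a small model of the cut-and-choose audit described in the quoted text, computing exactly how often a machine that misreports some runs escapes detection when it cannot know which of the 256 runs is hidden. The function names, the constructed dice values and the reading that the hidden run is the one whose output stays secret are assumptions made for illustration.

```python
from fractions import Fraction

N_RUNS = 256  # acquisition runs per ceremony, the figure used in the message

def audit(reported, witnessed, hidden):
    """Compare the machine's reported values with the independent camera
    record for every run except the hidden one (camera covered).
    Returns the run indices where the two disagree."""
    return [i for i in range(len(reported))
            if i != hidden and reported[i] != witnessed[i]]

def ceremony(defect_runs, hidden, n=N_RUNS):
    """Outcome of one ceremony when the machine misreports the runs in
    defect_runs and the auditor hides run `hidden`.
    'caught'  : an observed run disagrees with the camera record
    'success' : the unobserved output was tampered and nothing was seen
    'honest'  : the unobserved output is genuine and nothing was seen"""
    # Constructed dice values (1..6); only equality matters for the audit.
    witnessed = [(i * 2654435761) % 6 + 1 for i in range(n)]
    # A defecting run reports a value that always differs from the true one.
    reported = [(v % 6) + 1 if i in defect_runs else v
                for i, v in enumerate(witnessed)]
    if audit(reported, witnessed, hidden):
        return "caught"
    return "success" if hidden in defect_runs else "honest"

def attacker_odds(defect_runs, n=N_RUNS):
    """Exact probability of each outcome over the auditor's uniformly
    random choice of hidden run, which the machine cannot predict."""
    tally = {"caught": 0, "success": 0, "honest": 0}
    for hidden in range(n):
        tally[ceremony(defect_runs, hidden, n)] += 1
    return {k: Fraction(v, n) for k, v in tally.items()}

if __name__ == "__main__":
    for label, runs in [("never defects", set()), ("one run", {17}),
                        ("two runs", {17, 200}),
                        ("every run", set(range(N_RUNS)))]:
        print(label, attacker_odds(runs))
```

A single defection succeeds with probability 1/256, matching the 8-bit figure in the quoted text; defecting on two or more runs is always caught, because at most one run is unobserved.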