[Cryptography] The ultimate random source

Arnold Reinhold agr at me.com
Wed Feb 19 14:04:55 EST 2014

On Tue, 18 Feb 2014 23:09 Christian Huitema pointed out:
> If you rely on a capped camera to generate white noise, you may be out for a surprise with at least some cameras. There is a lot of filtering and processing that happens on board the camera itself, e.g. conversion from Bayer pattern to YUV or RGB, firmware that enhances the image, compression to JPEG before transmission on the USB bus, cropping and resizing on demand, etc. I would not be surprised if some cameras, when capped, just transmit a black image. 
> The  camera is designed to produce an image that represents the scene in front of it. There are two sources of randomness that are "built in," the randomness of the scene itself, and the randomness of the position of the camera in the scene. A few degrees cause a lot of pixels to shift, a live scene has lots of varying bits. I would rather rely on that instead of making assumptions on the amount of filtering built in the firmware.

The boundary between adjacent gray scale/color levels will be affected by pixel noise in ways that filtering cannot completely eliminate.  Having a lens cap on prevents any gradients from appearing in the image. So even a completely predictable static scene would seem preferable to lens cap on.

While we are on the topic of building an auditable RNG, another possible element to include in the scene that the camera captures is a television screen tuned to a live channel, perhaps a 24-hour news station such as CNN, Fox or Bloomberg. This would allow verification that an image was taken no earlier than when the TV content was first aired.  A time stamp service could be used to certify a "no later than" date.

Arnold Reinhold

More information about the cryptography mailing list