[Cryptography] cheap sources of entropy
Christian Huitema
huitema at huitema.net
Sun Jan 19 20:04:08 EST 2014
>>Jon Callas (I think) a long time ago suggested pointing your cheapo USB
>>camera at a photographer's grey card in low light. The theory is that
>>the cells in a camera seek for information and if they don't see
>>something that is worth reporting, it drives them a little tipsy. The
>>claim is that this effect can drive them into some form of quantum
>>uncertainty.
>
> I think what is happening here is the effective ISO is being
> pushed up by the low light so there is a lot of noise in the
> amplifiers used to read out the sensor cells. What you are using
> is thermal noise in the amplifiers. You get a lot of readings in
> one photo, and it should be a good source.
The key here is to trust that the camera is not somehow subverted and does
not feed a "pseudo random" set of bits, just like any hardware that has been
modified. But then, if the camera truly delivers the pixels that it sees, I
wonder why I would rely specifically on pointing at a grey card. Simply
pointing at a landscape or an interior scene will probably provide just as
much entropy. Minute differences in the location and orientation of the
camera will cause pixels to shift. In a handheld device like a cell phone,
we can ask the user to take a series of pictures while randomly moving the
phone. Hashing the images will certainly deliver some pretty good input to
the entropy bucket.
-- Christian Huitema
More information about the cryptography
mailing list