Random Number seeds, was RE: First computer with real-time clock?

From: Paul Koning <pkoning_at_equallogic.com>
Date: Mon Aug 2 11:02:05 2004

>>>>> "John" == John Lawson <jpl15_at_panix.com> writes:

 John> On Mon, 2 Aug 2004, Paul Koning wrote:

>>>>>>> "John" == John Lawson <jpl15_at_panix.com> writes:
>>
 John> Computer-based ramndom number seed generation:
>>
 John> I may at some point remember the machine/manufacturer, but I
 John> *do* recall tha one (perhaps Gummint-oriented?) device used a
 John> standard radio buried in it somewhere, tuned to a local
 John> station, the output of which was digitized and the seeds
 John> extracted from that... as I write this, IISTR that it was some
 John> kind of crypto-thingy...
>> That would be quite a bad idea. I'm sure the spooks are smarter
>> than that.


 John> And just why would that be a bad idea? Remember this was back
 John> some years - your glib "these days" doesn't apply to 'them
 John> days'... in the 60's and 70's it was not trivial to develop
 John> 'real' random numbers, so various means were used to sample a
 John> physical source or 'randomness'. I have an audio whit noise
 John> generator (Grayson Stadler) that uses a 6CB4 tube with a small
 John> bar magnet in proximity to the envelope - this exacerbates the
 John> transit noise of the tube and produses a very nice 5 Htz to
 John> about 50 kHtz stream of chaos.

Htz? You mean Hz?

Noise diodes have been around for many decades, and certainly those
would serve. So would resistors, and plenty of other things.

What I was reacting to is the notion of a receiver "tuned to a local
station". A radio signal is quite far from random, and if a cryppie
were to use such a thing for generating keys he would be at serious
risk of a successful attack.

Now if you were to take a radio tuned to an unused channel, that would
be somewhat better. But still it would be subject to unexpected
biases from stations far away. A self-contained device such as an
electrical noise source is much simpler AND it is much easier to prove
that it has the right properties.

By the way, re the AT&T random number generator whose properties were
unproven -- these days, most of the designers of these devices *are*
prepared to show adequate proof, as well they should of course.

         paul
Received on Mon Aug 02 2004 - 11:02:05 BST