-----BEGIN PGP SIGNED MESSAGE----- Cypherpunks, A while back there was lots of discussion in the list about hardware random number generation. The consensus was that diode white noise was the easiest thing to use. It probably is, but I havn't been able to persuade a single diode to be noisy yet. Anyhow, I turned to the simplest white noise source that I have, which happens to be a radio tuned to a dead channel. I hooked that up to a home made interface board that has previously served as a frame grabber, and wrote some software to grab random numbers. The hardware compares the signal to four known voltages, and sets the feedback pins on my printer port correspondingly. Thus, I get a nibble of information every cycle. However, it's fairly interrelated (if the high bit is set, the low ones must be set too, &c). So, this is the scheme I came up with to randomize it. Read two nibbles and concatenate them into a byte. Take the parity of this byte to give you one bit. Read eight bits this way, to make one byte. Read 128 bytes by this method, and take a MD5 hash of this data. Use the 16 byte message digest as the final random bitstream. Do this as many times as needed to get the desired number of bytes. Using the ENTROPY1 software submitted to the list by Peter Meyer, I determined that a 1000000 byte file had a relative entropy of 0.999980. This seems close enough to 1 for cryptographical use. For each bit of output, 64 bits have been read from the device. The MD5 transposition should eliminate all of the wave nature of the signal and make adjacent bytes unrelated. So, the question now is, is it safe? An obvious method of attack is to simply connect an identical device to a radio and grab identical data. However, I feel this is unfeasible. Radio noise is omnidirectional and thus (I think) should give you very different signals at different geographic locations due to the different phases of the various sources. There are too many variables in the hardware itself. What frequency is it at? What are the comparison values set to? What other method could be used to attack this except for the obvious tempest attack on the host computer? Doug -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLCZM4SEF9mfcHsd/AQGpYgP+OaJl7v7GO4SITR7nalpdU0wx6mdXHYwD CYP/u1f5BVrPfE85Thsi7beiZMp8o8aI+H5MK1uCMQ1X6pj7SOODuRXhRaXmbjnv jghthWkt19SH4AbpDz7wpV2X7BXmIO0zGBv1rZB84cBgsXQH7cmlgyUCNJP86EUq cCmt7bFSG+U= =tmPC -----END PGP SIGNATURE----- -- PGP 2.2 Key by finger