Random #'s via serial port dongle?

Date: Fri, 29 Apr 1994 07:08:19 -0400 From: "Perry E. Metzger" <perry@snark.imsi.com> How do you pick the random section in the first place? Oh, I see, we use a random number generator! This has probably been discussed before, but has anyone built a little device that amplifies the white noise from a transistor junction, and converts it into serial data? You could easily build a self-powered dongle that sits on an RS-232 port and continuously spits out truly random bytes. I could probably sell them for $25 if I could sell more than a hundred of them. Is there a market for true random number generators? -russ <nelson@crynwr.com> ftp.msen.com:pub/vendor/crynwr/crynwr.wav Crynwr Software | Crynwr Software sells packet driver support | ask4 PGP key 11 Grant St. | +1 315 268 1925 (9201 FAX) | Quakers do it in the light Potsdam, NY 13676 | LPF member - ask me about the harm software patents do.

Russ Nelson asks:
This has probably been discussed before, but has anyone built a little device that amplifies the white noise from a transistor junction, and converts it into serial data? You could easily build a self-powered dongle that sits on an RS-232 port and continuously spits out truly random bytes.
I could probably sell them for $25 if I could sell more than a hundred of them. Is there a market for true random number generators?
Yes, it's been debated many times on this list. The forthcoming FAQ has a section on random number generators, noise sources, Zener diodes, commercial implementations, etc. Several people have said they could sell them for $25. So far, I know of no such serial port dongles for $25. If you really think you can do it, go for it. (But, as politely as I can put it, don't make a lot of vague promises to the list, ask for ideas and feedback, and then let the whole thing drop. This has happened several times before.) I don't think generating random numbers is all that much of a priority. The Blum-Blum-Shub C code is available, and I defy anyone to break _that_ PRNG! (Issues of entropy are a bit different, but I expect the entropy with the BBS generator to be about as high as one can get, and as high as what would get in some instance with a "physically random" RNG.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."

From: tcmay@netcom.com (Timothy C. May) Date: Fri, 29 Apr 1994 14:28:33 -0700 (PDT) Russ Nelson asks:
This has probably been discussed before, but has anyone built a little
Yes, it's been debated many times on this list. .... I don't think generating random numbers is all that much of a priority. ... Well enough, then. I won't bother. -russ <nelson@crynwr.com> ftp.msen.com:pub/vendor/crynwr/crynwr.wav Crynwr Software | Crynwr Software sells packet driver support | ask4 PGP key 11 Grant St. | +1 315 268 1925 (9201 FAX) | Quakers do it in the light Potsdam, NY 13676 | LPF member - ask me about the harm software patents do.

Timothy C. May says:
I don't think generating random numbers is all that much of a priority. The Blum-Blum-Shub C code is available, and I defy anyone to break _that_ PRNG!
Its partially a question of speed. Many applications, like one time pads, are just too slow to generate random strings for given normal techniques. Its partially a question of automation -- I'd like to be able to generate public/private key pairs on a regular basis and its hard to do given all the goddamn typing. Its partially a question of abstract hacker satisfaction -- one would like to know that one's numbers are RANDOM. Myself, I'd want one. Perry

The easiest way to get true random numbers on a PC nowadays is with a sound board, preferably 16 bit. Just MD-5 hash some gibberish speech and/or background noise. I am looking at various ways of generating good random numbers for my IP security protocol, so I'm thinking about this stuff. Unfortunately I can't always depend on there being a sound board, so I'm still open to other ideas. Recently I tried looking at phase jitter between the CPU and timer crystals, but this doesn't work on every machine. Timing keyboard hits is a tried-and-true technique in PGP, but I can't necessarily rely on that either (I want this to work in a standalone system that boots by itself). Suggestions would be appreciated. Phil

This has probably been discussed before, but has anyone built a little device that amplifies the white noise from a transistor junction, and converts it into serial data?
As Tim mentions, lots of people have talked about doing this, but few actually have. Nevertheless, the device is still needed and no one has done it. I estimate you could sell 500 at $50 each within four months if there were PGP support for it. And I'll give you advertising space on the archive site. Real random numbers should be a standard part of every computer. Eric
participants (5)
-
hughes@ah.com
-
nelson@crynwr.com
-
Perry E. Metzger
-
Phil Karn
-
tcmay@netcom.com