True random numbers

Sandy Harris sharris at fox.nstn.ca
Sat Feb 17 18:47:16 PST 1996


Deranged Mutant  <wlkngowl at unix.asb.com> wrote:

>maruishi at netcom.com wrote:
>> 
>> I was trying to think of a way to come up with true random numbers...
>> And knowing a bit of UNIX socket TCP/IP programming I made a small [..]
>
>I wouldn't trust the samples taken from networked sources.

Me neither, in general.

A possible exception: I wonder if the checksums on Ethernet or IP
packets use a reasonably strong CRC algorithm. If so, they might be
a decent source of randomness in an environment where you could be
sure the Black Hats couldn't see them. e.g. using only packets from
your own LAN, suitably protected by firewall & good administration.
 
>You're better
>off with a kernel patch that samples from local sources directly like 
>disk or keyboard timing variations... such patches already exist, with 
>similar drivers developed for DOS and OS/2 systems as well.

I'd be more inclined to hash the kernel's internal tables, e.g. process
& file descriptor tables. These should vary quite a lot & if the enemy
can see them, random number quality is the least of your worries.

RFC 1750 is a good reference on this problem.
 --
 Sandy Harris
 sharris at fox.nstn.ca
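
The question raised in the message about checksum strength can be checked directly. This added example (not part of the original post) shows that the Ethernet CRC-32 is affine in the frame contents and that the IP header checksum ignores 16-bit word order, so neither contributes unpredictability of its own; it then conditions raw samples with a strong mixing function of the kind RFC 1750 describes. The sample buffers, the function names and the choice of SHA-256 are assumptions.

```python
import hashlib
import os
import zlib


def crc32_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """CRC-32 (the Ethernet FCS polynomial, as in zlib) is affine over GF(2):
    for equal-length inputs, crc(a)^crc(b)^crc(c) == crc(a^b^c)."""
    mixed = bytes(x ^ y ^ z for x, y, z in zip(a, b, c))
    lhs = zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)
    return lhs == zlib.crc32(mixed)


def inet_checksum(data: bytes) -> int:
    """16-bit ones' complement checksum used by IP headers (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange the i-th and j-th 16-bit words of data."""
    words = [data[k:k + 2] for k in range(0, len(data), 2)]
    words[i], words[j] = words[j], words[i]
    return b"".join(words)


def condition(samples) -> bytes:
    """Mix raw samples through SHA-256, length-prefixing each one so that
    sample boundaries are unambiguous."""
    h = hashlib.sha256()
    for s in samples:
        h.update(len(s).to_bytes(4, "big") + s)
    return h.digest()


if __name__ == "__main__":
    # Constructed stand-ins for captured frames (not real traffic).
    a, b, c = (os.urandom(64) for _ in range(3))
    print("CRC-32 affine:", crc32_is_affine(a, b, c))
    print("IP checksum ignores word order:",
          inet_checksum(a) == inet_checksum(swap_words(a, 0, 5)))
    print("conditioned:", condition([a, b, c]).hex())
```

The conditioned output carries no more entropy than the samples fed in; the hash only removes the structure that the checksums leave visible.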





