Curious RNG stalemate [was: use of cpunks]

Lodewijk andré de la porte l at odewijk.nl
Mon Oct 21 15:43:11 PDT 2013


2013/10/18 James A. Donald <jamesd at echeque.com>

> You can, however, be sure a microphone input is a reliable source of
> entropy, since fake entropy would interfere with its microphone function.


This is a syntactic non sequitur. Why would fake entropy interfere with a
microphone's function? How is the microphone guaranteed to have "its
microphone function"? Is a microphone input just the microphone's jack or
an actual soundwave-modulated-magnetic-power-factor?

In either case it's also a semantic non sequitur. If someone plays a darn
loud sine wave in the server room you can be sure the microphone will
replicate it. It'd be doable to make any microphone always output its
maximum value, through plenty of means. The sad thing is that it's sound,
so it might even be doable at distance!

(scenario: people breaking into a running-but-physically-controlled server
through manipulation of its random numbers)

I think an internal radioactive source such as a smoke alarm makes great
sense. Be wary to isolate it very well to prevent outside interference. If
it just goes to MAXINT if someone holds his cube of Madame Curie next to the
server's case it'd be a shame.

@Jim Bell: wouldn't such a ring oscillator aggregate be subject to
patterns? If you have something that can create more out of fewer pieces of
randomness, aren't there plenty of bad-randomness-sources to go on?

@Jon Callas:

How is this random generator affected by CPU interrupts? It seems to be a
feature added for "more randomness", but given interrupts are far from
guaranteed (especially in problematic systems) you cannot depend upon them.
Especially because random numbers are harder on smaller systems I'm not
sure I'd call this solution elegant.

I believe stir-back is not always possible but a very strong feature. If
you can always stir-back, can't you always generate something fairly random
by simulating an x-times-stir-back? If you can't, how can you trust your
stir-backs to be spaced enough for your -x-times-stir-back to not happen
anyway?

Lastly I feel your way of dealing with the pool-distiller model is finicky.
If you hash a pool your hash will be able to fold onto itself very often
and bits of entropy in different places can have different effects. You're
placing an unusual amount of faith in your hash function on it being
perfect. Diffusion with a partially known source text is very, very murky
business. And with predictable data going into your pool you're essentially
creating a probably partially known plaintext. That's complex, and that'll
do you good, but it is not the kind of nice randomness you'd go for.


A suggestion I'd like to make is a laser & light strength measurement unit.
Neatly self contained and accurate enough it can measure the bending of
spacetime itself. I suppose anything even nearly that accurate will measure
its direct environment's noise so well it all doesn't matter anyway.
Something like Delta(cpu_magneticness_mid_cycle) would do wonders. Anything
dependent on the activity of the computer itself gives problems with people
manipulating what the computer is doing. More roughly, it could measure minute
changes in the movement and heat of flowing air.

Wow, this became a lot longer than I expected.
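Added example, not part of this post or the thread: a Python sketch of the two continuous health tests from NIST SP 800-90B (repetition count and adaptive proportion) run over constructed 8-bit sample streams, showing that the "always output its maximum value" case trips the first test while the loud sine wave trips only the second. The ALPHA constant, the window size and the sample generators are my assumptions for the demonstration, not anything taken from the list.

```python
import math
import random

ALPHA = 2.0 ** -20  # per-test false-alarm probability used by SP 800-90B (assumed here)

def rct_cutoff(h):
    """Longest run of identical samples tolerated at h bits of min-entropy per sample."""
    return 1 + math.ceil(-math.log2(ALPHA) / h)

def repetition_count_test(samples, h):
    """Index where a run reaches the cutoff, else None; catches a source pinned at one value."""
    cutoff, run, last = rct_cutoff(h), 0, None
    for i, s in enumerate(samples):
        run = run + 1 if s == last else 1
        last = s
        if run >= cutoff:
            return i
    return None

def apt_cutoff(h, window=1024):
    """1 + critical binomial value at 1 - ALPHA: a count too improbable for h bits/sample."""
    p = 2.0 ** -h
    cdf = 0.0
    for k in range(window + 1):
        cdf += math.comb(window, k) * p ** k * (1 - p) ** (window - k)
        if cdf >= 1 - ALPHA:
            return k + 1
    return window + 1

def adaptive_proportion_test(samples, h, window=1024):
    """Start of the first window whose leading value recurs >= cutoff times, else None."""
    cutoff = apt_cutoff(h, window)
    for start in range(0, len(samples) - window + 1, window):
        win = samples[start:start + window]
        if win.count(win[0]) >= cutoff:  # periodic input (a loud tone) trips this, not the RCT
            return start
    return None

# Constructed 8-bit sample streams standing in for a microphone ADC (not real captures).
def microphone_noise(n, seed=1):
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(n)]

def forced_to_maximum(n):
    return [255] * n  # the post's "always output its maximum value" scenario

def loud_sine(n, period=32):
    # the post's loud sine wave in the server room, quantised to 8 bits
    return [round(128 + 127 * math.sin(2 * math.pi * i / period)) for i in range(n)]
```

With the source assessed at 7 bits per sample, the saturated stream fails the repetition count test after four samples and the tone fails the adaptive proportion test in its first window, while the noisy stream passes both.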