One time pads

[Eugen Leitl]

On Thu, 17 Oct 2002, Morlock Elloi wrote:

> > Landon Noll has done some interesting work taking a cheap PC camera
> > and keeping it in the dark.  The CCDs try to adjust, and you get noise.
> 
> I's suggest a hi-fi video digitizer with analog input. CCDs have dirty
> randomness. 

Most modern USB cams (I use Aiptek APC 400, which is dirt cheap and plug
and play under Linux) are CMOS, and have very dirty randomness (switch off
jpeg compression, wrap it in aluminum foil, wait a little for the cam to
adjust, and make a diff of a few pairs of frames).  However, they're more
noisy than CCD, and the spatial bias gets killed by the cryptohash.
 
> > Rather than compressing 8:1 using byte parity,
> > I'd recommend using a hash function, such as MD5 or SHA,
> > which means that every bit of the input can tweak any bit of the output.
> 
> Well, each of 8 bits of byte affect its parity. It's just the different initial
> block size. But tastes vary.

Actually, you're making a lot of random assumptions in your treatment of
the raw video, which is a no-no even in the crypto sham we're engaging in.
You'd do much better if you'd just use a SHA-1 on a few lines (or estimate
(measure), how many lines you need for some 160 bits of raw entropy, and
double that for good measure) of raw video. Imo it might be arguably
safe/make sense to throw away a few of highest significant bits which are
always zero, and paste the rest together, destilling entropy. However, you
can actually lose entropy if your setup is very noisy/has a threshold and
you're blindly catting only LSBs. This won't happen if you use SHA-1 
blindly on raw video.