
Re: Random number generators

Eric Hughes comments and then Perry Metzger responds:

> >Perry Metzger forwarded me some information about Newbridge
> >Microsystems and the part number of a chip that made random numbers.
> >At the crypto BOF at hackers I mentioned that there was a need for a
> >hardware random number generator and that I knew of some chip to do
> >it.  John Draper, who was there, expressed a desire to work on such a
> >device.  I forwarded him the information about the chip.
> >What I didn't know was the cost or design of this chip.  It appears to
> >use a radioactive source to make random numbers.  This may account for
> >the cost.  In any case, it is likely that most applications don't need
> >this kind of chip.
> Just for the record...
> As the data sheet makes clear, it most certainly DOES NOT use a
> radioactive source. It's very hard to get 20kbits/sec of random numbers
> reliably out of any radioactive source you are going to want to be
> near, anyway. It operates off of thermal noise just like virtually
> every other such device.
> It should be possible to build a similar device out of ordinary
> discrete components without overwhelming difficulty. The only problem
> would be to make sure that the output was reliably random, and not
> overly dependent on things like temperature.
> Perry

Perry is correct. Getting 10K or more bits per second from a
radioactive source usually means it is close enough/strong enough to
"drift" the device to the point of radiation-induced permanent failure
in a matter of weeks or months (if not much sooner, but this is all so
dependent on exact calculations and lab experiments).

Tony Patti, editor of a small crypto journal and frequent commentator
on sci.crypt, is one of several folks who've designed thermal
noise-based RNGs. He's selling them, as I recall. I would _strongly_
advise anyone who's contemplating building and selling such a gizmo to
first see what the market has produced and whether or not it's
selling, etc.

A minor note: the bias between 0s and 1s (unequal distribution, for
example) is easily handled by considering pairs of numbers, with a "0
1" being called a "0" and a "1 0" being called a "1." 


Timothy C. May         | Crypto Anarchy: encryption, digital money,  
[email protected]       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: awaiting Macintosh version.
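
The pair rule in the "minor note" above is von Neumann's debiasing method. The following is an added example, not part of the original message: it applies the rule to a simulated biased source and measures the result. It assumes the raw bits are independent with a fixed bias, and that "0 0" and "1 1" pairs are discarded (the message does not say what happens to them); the function names and the simulated source are hypothetical.

```python
import random

def von_neumann(bits):
    """Debias by non-overlapping pairs: (0,1) -> 0, (1,0) -> 1, equal pairs dropped."""
    out = []
    # A trailing unpaired bit is ignored.
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)  # first bit of the pair: "0 1" -> 0, "1 0" -> 1
    return out

def biased_bits(n, p_one, seed):
    """Constructed sample input: n independent bits, each 1 with probability p_one.
    Stands in for a hardware noise source; it is a simulation, not an entropy source."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def ones_fraction(bits):
    """Fraction of 1s in a non-empty bit list."""
    return sum(bits) / len(bits)

def yield_per_pair(raw, out):
    """Output bits produced per input pair; expected value is 2*p*(1-p)."""
    return len(out) / (len(raw) // 2)

if __name__ == "__main__":
    raw = biased_bits(200_000, 0.8, seed=1)  # heavily biased toward 1
    out = von_neumann(raw)
    print(f"raw ones fraction:      {ones_fraction(raw):.3f}")
    print(f"debiased ones fraction: {ones_fraction(out):.3f}")
    print(f"output bits per pair:   {yield_per_pair(raw, out):.3f}")
```

The bias disappears because P(0 1) = P(1 0) = p(1-p) for independent bits, but the cost is throughput: at 80% ones only about a third of the input pairs yield an output bit.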