[133863] in cryptography@c2.net mail archive
Re: Lava lamp random number generator made useful?
daemon@ATHENA.MIT.EDU (Jon Callas)
Tue Sep 23 09:54:17 2008
From: Jon Callas <jon@callas.org>
To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <48D63FEC.1050305@systemics.com>
Date: Tue, 23 Sep 2008 00:09:46 -0700
>> A cheap USB camera would make a good source.
>> The cheaper the better, too. Pull a frame off,
>> hash it, and it's got entropy, even against a
>> white background. No lava lamp needed.
>
> I sort of agree, but I feel cautious about recommending that people
> use their holiday snaps. And then post them on line... if you see
> where I am going :)
>
> But it is a good suggestion.
That's not at all what I suggested. There are so many ways that one
can creatively screw up reasonable cryptographic advice that I don't
think it's worth bothering with.
The point is that if you take a cheap 640x480 (or 320x240) webcam and
point it against a photographic grey card, there's going to be a lot
of noise in it, and this noise is at its bottom quantum in nature.
Thus, there's a lot of entropy in that noise. Photographic engineers
work *hard* to remove that noise, and you pay for a lack of noise.
I'm willing to bet that if I give you hashes of frames, knowing this
process, you can't get pre-images. I'll bet that you can't get pre-
images even if I let you put a similar camera next to the one I'm
using. In short, I'm willing to bet that a cheap camera is a decent
random number source, even if you try to control the image source, to
the tune of 128-256 bits of entropy per frame.
No lava lamps are needed, no weird hardware. Just use the noise in a
CCD.
Jon
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
