>>>> "John" == John Lawson <jpl15(a)panix.com> writes:
John> On Mon, 2 Aug 2004, Paul Koning wrote:
>>
>>>> "John" == John Lawson <jpl15(a)panix.com> writes:
>
John> Computer-based random number seed generation:
>
John> I may at some point remember the machine/manufacturer, but I
John> *do* recall that one (perhaps Gummint-oriented?) device used a
John> standard radio buried in it somewhere, tuned to a local
John> station, the output of which was digitized and the seeds
John> extracted from that... as I write this, IISTR that it was some
John> kind of crypto-thingy...
> That would be quite a bad idea. I'm sure the spooks are smarter
> than that.
John> And just why would that be a bad idea? Remember this was back
John> some years - your glib "these days" doesn't apply to 'them
John> days'... in the 60's and 70's it was not trivial to develop
John> 'real' random numbers, so various means were used to sample a
John> physical source of 'randomness'. I have an audio white noise
John> generator (Grayson Stadler) that uses a 6CB4 tube with a small
John> bar magnet in proximity to the envelope - this exacerbates the
John> transit noise of the tube and produces a very nice 5 Htz to
John> about 50 kHtz stream of chaos.

Htz? You mean Hz?

Noise diodes have been around for many decades, and certainly those
would serve. So would resistors, and plenty of other things.

What I was reacting to is the notion of a receiver "tuned to a local
station". A radio signal is quite far from random, and if a cryppie
were to use such a thing for generating keys he would be at serious
risk of a successful attack.

Now if you were to take a radio tuned to an unused channel, that would
be somewhat better. But still it would be subject to unexpected
biases from stations far away. A self-contained device such as an
electrical noise source is much simpler AND it is much easier to prove
that it has the right properties.

By the way, re the AT&T random number generator whose properties were
unproven -- these days, most of the designers of these devices *are*
prepared to show adequate proof, as well they should of course.

paul
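
Added example, not part of the original thread: a sanity check on raw digitized samples, run over three constructed stand-ins for the sources discussed above (a station, an unused channel with a faint distant carrier, a local noise source). The 8 kHz rate, the 440 Hz tone, the amplitudes, the seeded PRNG standing in for physical noise and the 0.05 correlation limit are all assumptions chosen for illustration; the histogram estimate follows the most-common-value estimate of NIST SP 800-90B.

```python
import math
import random
from collections import Counter

RATE, N = 8000, 20000  # constructed: 8 kHz sampling, 2.5 s of 8-bit samples

def digitize(signal):
    """Quantize a float signal to unsigned 8-bit samples centred on 128."""
    return [max(0, min(255, round(128 + v))) for v in signal]

def lag1_autocorr(samples):
    """Lag-1 serial correlation; close to 0 when samples are independent."""
    mean = sum(samples) / len(samples)
    dev = [s - mean for s in samples]
    return sum(a * b for a, b in zip(dev, dev[1:])) / sum(d * d for d in dev)

def mcv_min_entropy(samples):
    """Most-common-value min-entropy estimate in bits per sample.
    Histogram only, so it cannot see structure between samples."""
    n = len(samples)
    p = Counter(samples).most_common(1)[0][1] / n
    p_upper = min(1.0, p + 2.576 * math.sqrt(p * (1 - p) / (n - 1)))
    return -math.log2(p_upper)

def make_sources(seed=1):
    """Three constructed stand-ins for the sources discussed in the thread."""
    rng = random.Random(seed)  # seeded PRNG models the physical noise, repeatably
    tone = [math.sin(2 * math.pi * 440 * n / RATE) for n in range(N)]
    noise = [rng.gauss(0, 30) for _ in range(N)]
    return {
        "local station": digitize(100 * t for t in tone),
        "unused channel": digitize(20 * t + z for t, z in zip(tone, noise)),
        "noise source": digitize(noise),
    }

def assess(samples, max_corr=0.05):
    """Reject a raw source whose neighbouring samples are correlated."""
    r = lag1_autocorr(samples)
    return {"autocorr": r, "mcv_bits": mcv_min_entropy(samples),
            "ok": abs(r) <= max_corr}

if __name__ == "__main__":
    for name, samples in make_sources().items():
        print(name, assess(samples))
```

The histogram estimate alone credits the fully periodic tone with several bits per sample, which is why the serial correlation check is needed next to it. Passing both checks is a necessary condition only and does not prove a source is fit for key generation.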