Readit News logoReadit News
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
Blikkentrekker · 4 years ago
What are the cryptographic and other such applications today for which `/dev/urandom` is not good enough and atomic decay randomness as a source is required opposed to thermal noise?
whispering · 4 years ago
Absolutely 100% no advantage whatsoever.

Absolutely 100% more fun.

whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
mdavis6890 · 4 years ago
Well that's interesting. Thanks for responding to my post. If you agree with me, why did you name uniform distribution as requirement number 1? Is that just part of the "official" academic definition or something?
whispering · 4 years ago
I am not able to motivate further, it's just that usually when we talk about random numbers we mean uniformly distributed random numbers. It is not a requirement in a strict sense. It's just the easier way to tell about randomness. We all have an intuitive understanding of rolling a dice or flipping a coin.
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
mdavis6890 · 4 years ago
I don't agree that uniform distribution is required for randomness.
whispering · 4 years ago
Me neither, and I'm the author. But whatever.
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
HelloNurse · 4 years ago
I wouldn't be comfortable putting the kind of strong radiation source that can increase events by some orders of magnitude close to me or my computers. Large detectors or multiple detectors to catch more natural radiation are safer.
whispering · 4 years ago
Yep but the main point that i was trying to make is that to get a faster generator you need a faster clock and a bigger timer, not a bigger detector nor more events, if you cannot back them up with the faster clock and bigger timer
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
HelloNurse · 4 years ago
Wouldn't it be possible to build large detectors of reasonable cost and power consumption? For example, instead of a small tube like in the article, flat metal plates or arrays of long wires in a thin rectangular chamber.
whispering · 4 years ago
The throughput is given by the frequency of the radioactive events. This can easily made bigger with a more radioactive source. The limit in this is how fast is the underlying reference timer. If you could have a fast enough timer, you could raise the radioactivity of the source and get a bigger throughput.
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
magicalhippo · 4 years ago
A Geiger-Müller tube has a dead-time after a detection event where it won't register a new event. Thus it's possible to saturate the tube. This would drastically reduce the entropy it generates, from what I can gather.
whispering · 4 years ago
I should try and see. The inhibit from the monostable timer could somewhat "transfer" the randomness source from the geiger to the time constant of the 555
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
magicalhippo · 4 years ago
Without shielding you don't need physical access, just physical proximity.
whispering · 4 years ago
Fair point.

However I don't think you'd be able to easily manipulate the random stream.

By triggering the random tube you just generate a random number, but even by triggering it continuously you cannot directly manipulate the bytes. The counter is not reset after every event.

Moreover: the timer/counter is clocked at 20M, for a 16 bit timer it overflows every 3ms. The tube is inhibited for a similar amount of time by a monostable 555. And this inhibit time is controlled by an RC network that is separated from the timer/counter crystal. So even noise and fluctuation on this two clock sources generate some randomness.

I'm not saying that it is impossible to manipulate, I'm saying congrats if you figure out a way.

whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
xor99 · 4 years ago
I would recommend looking at David Johnston's book "Random Number Generators, Principles and Practices" to get a handle on how complicated evaluating RNGs properly is. Radioactive sources combined with conventional circuits/electronics are too slow for practical applications afaik (e.g. incredibly time consuming to prove the performance but not bad in principle). However, I love the banana idea for its inventiveness.
whispering · 4 years ago
Definitely a slow method! It outputs about 1 byte every second. Not great performance! This 22KB sample took several hours to collect: https://github.com/valerionew/Banana-Random-Number-Generator...
whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
magnat · 4 years ago
The whole contraption should be shielded from the environment, otherwise its output could be easily influenced by an outside adversary pointing X-ray gun at it.
whispering · 4 years ago
Didn't we agree on the fact that if an attacker gains physical access the security is already compromised?

Otherwise you could just inject whatever you want from the uart, no need for any x-ray gun.

whispering commented on Generating true random numbers from bananas   valerionappi.it/brng-en/... · Posted by u/em3rgent0rdr
GravitasFailure · 4 years ago
Potassium Chloride is sold as a sodium-free table salt substitute and will give you far more decay events per second than a banana. I'd have to double check the decay rate in a kilo of KCl vs background radiation, but even if the decay rate is too low for random number generation you can still use it to salt your hashes[0].

[0] https://www.allrecipes.com/gallery/best-hash-recipes/

whispering · 4 years ago
KCl is definitely detectable. And the same goes for KOH. And it significantly increases the throughput.
w

u/whispering

KarmaCake day29June 9, 2022View Original