William H. Geiger III (whgiii@invweb.net)
Tue, 07 Jul 1998 03:07:06 -0500
-----BEGIN PGP SIGNED MESSAGE-----
In <19980706222457.A4957@die.com>, on 07/06/98
at 10:24 PM, Dave Emery <die@die.com> said:
> I couldn't more agree. But sometimes the best is the enemy of good
>enough, and if people assume that accessing any useful kind of hardware
>randomness involves radioactive sources and all the legal and regulatory
>hastles that involves, real implemntors may fall back on the low bits of
>the process number hashed with the real time clock and leave the system
>wide open.
Finding Radioactive sources are not as hard as it seems. Uranium ore can
be purchased is small quantities from several sources and the is no
regulation of their purchase. Also Americium 241 is available in every
smoke detector. Hell one could create Radon dust sources just from
filtering the air.
Background radiation alone could be used if the quantity of bits needed is
low and bits are pooled over a period of time.
Dead time seems to be an issue but a minor one that can be calculated and
adjusted for on a given Geiger-Muller tube.
- From the little research I have done so far there seem to be no way of
influencing the time between hits in any predictable manner.
Adding/removing sources can increase/decrease the frequency of hits over a
given time period but the actual time between any two hits is still a
random event.
It would not be that hard to add some sanity checking to the software that
would detect abnormal fluctuations in the hit rate. I think that it would
be extremely unlikely that an outside source could influence such a device
without detection.
So far this thread seems to be off the cuff discussion on the matter.
There must be some research papers on this.
- --
- ---------------------------------------------------------------
William H. Geiger III http://users.invweb.net/~whgiii
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://users.invweb.net/~whgiii/pgp.html
- ---------------------------------------------------------------
Tag-O-Matic: This is a TAG-O-Matic
Multi-line Sample
Tag
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBNaHchI9Co1n+aLhhAQFDHgQAvvQ10MNqh7y3CjJiSCNfakI/FAZ1tSBj
jxB+HucLs/bL6fYAXkPoT2HaQL0u9ru4NvQgRRitRyjcLWIJBGz4uRUUDXmqsNBw
O6Hbz6KEpDZbiOymYThMGg75scf/5rgiGrkq0D/EolIwogC6SaWQTRv+Tjk7eeFV
9raQq6pnvIY=
=SRvS
-----END PGP SIGNATURE-----
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:08 ADT