Robert Hettinga (rah@shipwright.com)
Tue, 7 Jul 1998 22:13:33 -0400
From the "shouting at a signpost" department.
Cheers,
Bob Hettinga
(who can't wait until someone starts a thread on Aptical Fodd--- er, um,
optical Brownian motion detectors...)
--- begin forwarded text
X-Sender: tcmay@mail.got.net
Mime-Version: 1.0
Date: Tue, 7 Jul 1998 14:35:00 -0700
To: cypherpunks@Algebra.COM
From: Tim May <tcmay@got.net>
Subject: Re: Random Data from Geiger Counter
Sender: owner-cypherpunks@cyberpass.net
Precedence: first-class
Reply-To: Tim May <tcmay@got.net>
X-Loop: cypherpunks@cyberpass.net
Status: U
(Not crossposted to CodherPlunks, as I'm not on that "controlled" list. And
folks should not crosspost their discussions to our list unless they a)
provide context for how the thread started, and b) get permission of the
"list owner" that followups from other lists will be allowed.)
At 9:03 AM -0700 7/7/98, Ryan Lackey wrote:
>You don't need to shield against radiation, neutrons, etc. You just need to
>detect high ambient flux -- neutrons are the main problem for shielding, yes,
>and you can buy a NAG glass lithium-free glass scintillator or whatever to
>detect a high neutron flux.
>Then you either turn off the source of random data to the application and
>warn the user or touch off the thermonuclear self destruct device or
>whatever else you wish to use.
Most discussions of radiation-based RNGs get off into too many unimportant
tangents about malicious attackers attempting to skew the numbers with
Proton Beam Orbiting Death Rays and such.
Plainly and simply, a simple zener diode looking at Johnson noise, using
standard von Neumann equi-outcome measures (equiv. to nulling bias towards
heads or tails by calling the "H T" pair a "1" and the "T H" pair a "0"),
and aggressively hashing will produce far, far, far higher quality apparently
random numbers than one can ever really need.
A diode with an embedded alpha particle source (my company used to make a
lot of these in the 1970s) is cute, but not needed. And even if used,
proper design (see above) means attackers can make using the RNG hard, but
not much more.
And such an attack on a local machine is unlikely in the extreme.
A Kocher-like lab could maybe do some interesting things on a captive RNG,
but likely far less--due to the inherent indeterminism--than the timing and
voltage attacks are yielding.
In any case, utterly irrelevant for any real world use. About 127 on the list
of things to worry about.
And Geiger tubes are just about the worst way to go. Expensive, fragile,
slow, etc.
--Tim May
"The tree of liberty must be watered periodically with the blood of
tyrants...."
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Licensed Ontologist | black markets, collapse of governments.
--- end forwarded text
-----------------
Robert A. Hettinga <mailto: rah@philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The Philodox Symposium on Digital Bearer Transaction Settlement
July 23-24, 1998: <http://www.philodox.com/symposiuminfo.html>
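
The pairwise debiasing and hashing step described in the forwarded message, as an added example that is not part of the original post or its author's code. The choice of SHA-256, the 512-bit block size, and the seeded software source standing in for sampled diode noise are assumptions made here; the debiasing step also assumes the samples are independent.

```python
import hashlib
import random

def von_neumann(bits):
    """Pairwise debias: (1,0) -> 1, (0,1) -> 0, equal pairs are discarded."""
    out = []
    for a, b in zip(bits[0::2], bits[1::2]):
        if a != b:
            out.append(a)  # a == 1 for the "H T" pair, 0 for the "T H" pair
    return out

def pack(bits):
    """Pack bits MSB-first into bytes (length must be a multiple of 8)."""
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[n:n + 8]))
        for n in range(0, len(bits), 8)
    )

def condition(bits, block_bits=512):
    """Hash each full block of debiased bits down to 256 bits (assumed: SHA-256)."""
    out = b""
    for n in range(0, len(bits) - block_bits + 1, block_bits):
        out += hashlib.sha256(pack(bits[n:n + block_bits])).digest()
    return out

def biased_source(n, p_one, seed):
    """Constructed stand-in for diode samples: independent bits, P(1) = p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def demo():
    raw = biased_source(200_000, 0.8, seed=1998)  # heavily skewed input
    flat = von_neumann(raw)
    key_material = condition(flat)
    return sum(raw) / len(raw), sum(flat) / len(flat), len(flat), len(key_material)

if __name__ == "__main__":
    raw_mean, flat_mean, n_flat, n_bytes = demo()
    print(f"raw P(1)={raw_mean:.3f}  debiased P(1)={flat_mean:.3f}")
    print(f"{n_flat} debiased bits -> {n_bytes} hashed bytes")
    # A source forced to a constant value yields no output rather than skewed output.
    print("stuck source output:", von_neumann([1] * 1000))
```

A source pushed towards a constant value lowers the output rate (none at all when fully stuck) instead of biasing the bits, which is the availability-only failure the message describes.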