[Freedombox-discuss] Crypto questions
Sandy Harris
sandyinchina at gmail.com
Mon Aug 1 06:02:31 UTC 2011
On Fri, Jul 29, 2011 at 2:42 AM, Another Peasant <versparis at gmail.com> wrote:
> Time to demonstrate my ignorance on the subject:
The standard reference on randomness issues is RFC 4086.
Read that to become much less ignorant:
http://www.ietf.org/rfc/rfc4086.txt
> the FBX will have a mic, right?
Many will, perhaps not all. Do we want to make that a requirement? My
guess would be "no".
Where there is a mic, it may be used for things like VoIP. Do we want
to rule out such apps in order to free the mic for and RNG? My guess
is that we could, since VoIP should be done from the end user systems
so the encryption can be end-to-end, and the Box is mainly a server
not an end user desktop, Even so, I'm not certain monopolising the
mic for an RNG is a good idea.
> Why not pick several different frequencies, at random, and then at
> random intervals, read levels of background or street noise for digits?
> Even if your RNG to pick frequencies and times wasn't truly random, I'd
> think that real-world noise levels would effectively wreck any discernible
> pattern in the end result. If this idea isn't so great, please, somebody
> speak up. Bad ideas must die, here, preferably sooner than later.
> -And I have no idea how this notion would be enacted. Not a coder, at all.
That sort of thing works better if you either provide something random
for it to listen to, say something like wind chimes or clattering hunks of
wood moved by a fan, or set the amplification parameters so high that
even with no signal, you get randomness from the circuit noise in the
system.
Quoting http://en.citizendium.org/wiki/Random_number_generator
" A digital camera can be used, either pointed at some random physical process
" or pointed at a plain background to use its circuit noise. Silicon Graphics
" built one called lavarand using a video camera pointed at a group of lava
" lamps; the descendant lavarnd (http://www.lavarnd.org/) uses a digital
" camera with the lens cap on. A microphone can be used in much the
" same two ways.
As I said in the earlier post:
> Where the plug has a sound card equivalent, and
> it isn't used for sound, there is a good solution
> using circuit noise in the card as the basis for
> a hardware RNG.
> http://www.av8n.com/turbid/paper/turbid.htm
So, yeah, there's a good solution based on mic input, though it
is not quite as simple as you suggest.
More information about the Freedombox-discuss
mailing list