[147075] in cryptography@c2.net mail archive
Re: [Cryptography] Radioactive random numbers
daemon@ATHENA.MIT.EDU (Chris Kuethe)
Fri Sep 13 11:39:17 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <alpine.BSF.2.00.1309120837580.84692@aneurin.horsfall.org>
From: Chris Kuethe <chris.kuethe@gmail.com>
Date: Wed, 11 Sep 2013 16:57:58 -0700
To: Dave Horsfall <dave@horsfall.org>
Cc: Cryptography List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============7920445497931729940==
Content-Type: multipart/alternative; boundary=047d7bb0435c3e6d9504e62465ca
--047d7bb0435c3e6d9504e62465ca
Content-Type: text/plain; charset=ISO-8859-1
(curse you anti-gmail-top-posting zealots...)
On Wed, Sep 11, 2013 at 3:47 PM, Dave Horsfall <dave@horsfall.org> wrote:
> Another whacky idea...
>
> Given that there is One True Source of randomness to wit radioactive
> emission, has anyone considered playing with old smoke detectors?
Yep. For fun I wrote a custom firmware for the Sparkfun Geiger counter to
do random bit or byte generation that I could mix into my system's entropy
pool. I'll eventually update the code to also work with the ExcelPhysics
APOC.
acknowledging some prior art: http://www.fourmilab.ch/hotbits/
The ionising types are being phased out in favour of optical (at least in
> Australia) so there must be heaps of them lying around.
>
There are heaps of them at big-box retailers in the US, with no sign of
going away. I got a couple for $5 each.
> I know - legislative requirements, HAZMAT etc, but it ought to make for a
> good thought experiment.
>
Low activity sources seem to be fairly unencumbered. There are plenty of
places that will sell calibrated test sources or lumps of random ore for
educational use. Then you get to tell people funny stories about the time
you bought radioactive material on the internet, and someone else gets to
do the compliance paperwork (if necessary).
Homebrew geiger counter rigs aren't exactly practical or scalable - I don't
want to make my datacenter guys cut open a case of smoke detectors and
solder a dozen GM tubes so we can have good random numbers. A better
solution might be to use one of the various thumb-drive sized AVR-USB
boards: load in a simple firmware to emulate a serial port, and emit
samples from the onboard ADCs and RC oscillators... no soldering required.
I was going to say that it's simple to inspect the code - even the
generated assembly or the raw hex - for undesired behavior, then I
remembered the USB side is non-trivial. If you're not using the onboard USB
hardware it's much easier to verify that you're only doing an ADC sample, a
timer read, a couple of comparisons, a UART write, and nothing else
(assuming you offload the whitening to your host's entropy pool).
--
GDB has a 'break' feature; why doesn't it have 'fix' too?
--047d7bb0435c3e6d9504e62465ca
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">(curse you anti-gmail-top-posting zealots...)<div class=3D=
"gmail_extra"><br></div><div class=3D"gmail_extra">On Wed, Sep 11, 2013 at =
3:47 PM, Dave Horsfall <span dir=3D"ltr"><<a href=3D"mailto:dave@horsfal=
l.org" target=3D"_blank">dave@horsfall.org</a>></span> wrote:<br>
<div class=3D"gmail_quote"><blockquote class=3D"gmail_quote" style=3D"margi=
n:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204=
);border-left-style:solid;padding-left:1ex">Another whacky idea...<br>
<br>
Given that there is One True Source of randomness to wit radioactive<br>
emission, has anyone considered playing with old smoke detectors?</blockquo=
te><div><br></div><div>Yep. For fun I wrote a custom firmware for the Spark=
fun Geiger counter to do random bit or byte generation that I could mix int=
o my system's entropy pool. I'll eventually update the code to also=
work with the ExcelPhysics APOC.</div>
<div><br></div><div>acknowledging some prior art:=A0<a href=3D"http://www.f=
ourmilab.ch/hotbits/" rel=3D"noreferrer">http://www.fourmilab.ch/hotbits/</=
a></div><div><br></div><blockquote class=3D"gmail_quote" style=3D"margin:0p=
x 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);bo=
rder-left-style:solid;padding-left:1ex">
The ionising types are being phased out in favour of optical (at least in<b=
r>
Australia) so there must be heaps of them lying around.<br></blockquote><di=
v><br></div><div>There are heaps of them at big-box retailers in the US, wi=
th no sign of going away. I got a couple for $5 each.</div><div>=A0</div>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex">
I know - legislative requirements, HAZMAT etc, but it ought to make for a<b=
r>
good thought experiment.<br></blockquote><div></div></div><div class=3D"gma=
il_extra"><br></div>Low activity sources seem to be fairly unencumbered. Th=
ere are plenty of places that will sell calibrated test sources or lumps of=
random ore for educational use. Then you get to tell people funny stories =
about the time you bought radioactive material on the internet, and someone=
else gets to do the compliance paperwork (if necessary).</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra"><div>Homebr=
ew geiger counter rigs aren't exactly practical or scalable - I don'=
;t want to make my datacenter guys cut open a case of smoke detectors and s=
older a dozen GM tubes so we can have good random numbers. A better solutio=
n might be to use one of the various thumb-drive sized AVR-USB boards: load=
in a simple firmware to emulate a serial port, and emit samples from the o=
nboard ADCs and RC oscillators... no soldering required.</div>
<div><br></div><div>I was going to say that it's simple to inspect the =
code - even the generated assembly or the raw hex - for undesired behavior,=
then I remembered the USB side is non-trivial. If you're not using the=
onboard USB hardware it's much easier to verify that you're only d=
oing an ADC sample, a timer read, a couple of comparisons, a UART write, an=
d nothing else (assuming you offload the whitening to your host's entro=
py pool).</div>
<div><br></div>-- <br>GDB has a 'break' feature; why doesn't it=
have 'fix' too?
</div></div>
--047d7bb0435c3e6d9504e62465ca--
--===============7920445497931729940==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============7920445497931729940==--
