1992-12-05 - Hardware RNGs

Header Data

From: Joe Thomas <jthomas@access.digex.com>
To: cypherpunks <cypherpunks@toad.com>
Message Hash: 5c995d3429ef755393b9c9544334424293669615ca12391e22861940660a0f0a
Message ID: <Pine.3.05.9212051331.A28464-b100000@access.digex.com>
Reply To: N/A
UTC Datetime: 1992-12-05 22:51:18 UTC
Raw Date: Sat, 5 Dec 92 14:51:18 PST

Raw message

From: Joe Thomas <jthomas@access.digex.com>
Date: Sat, 5 Dec 92 14:51:18 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Hardware RNGs
Message-ID: <Pine.3.05.9212051331.A28464-b100000@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain


I just joined the list (rather loudly, I'm afraid), but I've already seen
several writers complain about the quality of RNGs and PRNGs for the 
purposes of cryptography.  PGP stores up keystroke-derived random bits
in a file, which has been pointed out as a possible security hole.  But
requiring random keystrokes every time one wishes to send a message seems
an inconvenient tradeoff, to say the least.

Someone posted a plan for a Zener diode-based hard RNG on sci.crypt a few
weeks ago.  I'm not much of a solderer normally, but this seems like a 
good idea if anyone out there has tried it out and tested the output for
nonrandomness.  (Of course, ideally we'll have alpha-decay-based RNGs
--guaranteed random by the laws of physics-- but I'll settle for thermal
noise on the cheap for the moment).

Anyone tried these yet?  More to the point, does anyone have some code
patches for PGP to use a hard RNG preferentially over other random
bitstreams?  (Yeah, it would be pretty easy, but there's no sense in
duplicating effort if we could get something standardized, pretty and
portable agreed on.)

Joe

P.S. Sorry about the wasted bandwidth last week.  My fingers were moving
faster than my brain, but I should have recognized this address as a
probable mailing list.  Thanks to all who politely directed me to the
-request address.







Thread