From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 29 Sep 1996 02:15:25 +0800
To: Cypherpunks@toad.com
Subject: Re: Mousepad RNG's?
Message-ID: <199609281551.IAA03203@dns2.noc.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:14 PM 9/27/96 +0200, Anonymous wrote:
> I just downloaded a copy of the beta version of Datafellows
> Windows 3.1 SSH and it asked to move the mouse around to
> generate some randomness.  In reading Applied Crypto, it
> mentioned that there is no such thing as generating
> randomness from a personal computer unless something like
> a Geiger counter is used.  Is there any way to create a
> fairly random sample from the mouse? Should one use lots
> of jerky movements, or take ones time with it?

In this case the entropy is the negative of the logarithm of 
the probability that you or someone else could exactly 
duplicate those mouse movements.  I would guess that you 
get at least three bits a second just doodling around, so 
half a minute of doodles (a pretty long time) should be unbreakable.

Some time ago, at a cypherpunks conference, people were making 
all sorts of ridiculous proposals for being really, really, 
really, sure that you had real entropy, and a prominent 
cypherpunk, possibly Tim May, said, "This is ridiculous:  
Nobody ever broke good crypto through weakness in the 
source of truly random numbers".  Sometime after that 
Netscape was broken through weakness in the source of 
truly random numbers.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com