Re: Hardware True Random Number Generator design / concept



The Real Andy wrote:

On Tue, 21 Jun 2005 16:42:07 -0700, Yoy G0 <yoyg0@xxxxxxxxxxxx> wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 22 Jun 2005 06:49:45 +1000, you wrote:
[snip]

Have you considered using a pseudo RNG with hardware entropy for
seeding? There is plenty of great information out there on how to do this,
and it saves having to buy hardware. Do a Google for Mersenne
Twister: very good algorithm, long cycle.

By the way, a good statistical package for testing is R. It's free
and it's very powerful.

I was thinking about the possibility of using that method for producing key material for a One Time Pad (OTP - cryptography), but Matt Mahoney commented in sci.crypt as follows (POSTING - Re: Secure Data & Communication Project):

That is not a one time pad.  Not that it can't be done securely,
but you don't have the theoretical secrecy against an attacker
with unlimited computing power that OTP offers.
With unlimited power the attacker can try all possible seeds
(since there are only a finite number of them)
and find the one that decrypts to something sensible.
All the wrong decryptions will look like random data.
With OTP all plaintexts are equally likely,
including all the sensible ones, so there is no way to
tell which one is correct.
OTP will require a hardware random number
generator for every bit of the keystream.


Given any number of unlimited resources, one can crack any
cryptographic system. You need to determine your requirements and then
make a decision based on how much money you want to spend, how much
development time you wish to put in, and how secure you require the
system to be.



Also, I found the following in Wikipedia:

http://en.wikipedia.org/wiki/Mersenne_twister

"Unlike Blum Blum Shub, the algorithm in its native form
is not suitable for cryptography. For many other
applications, however, it is fast becoming the
random number generator of choice."

I don't know why Mersenne Twister is
not suitable for cryptography.
Any ideas?



The reason they state that MT is not cryptographically secure is
because it is a linear RNG. This means that after a finite amount of time
the sequence will be restarted and can become predictable.

A secure hashing algorithm can be used to circumvent this, but as with
any PRNG, there will always be a finite cycle.

See http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html for more
detail. I have used MT many times, and usually randomly throw away
numbers so that the sequence is less predictable.
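On the predictability point in The Real Andy's reply: the standard demonstration that MT19937 output is recoverable (added here as example code written for this page, not code from the thread or from the MT authors) is to take 624 consecutive 32-bit outputs, undo the output tempering, and load the results back in as the generator's state; the clone then predicts every later output without ever learning the seed. It uses CPython's `random.Random`, which is MT19937, and assumes the observer sees the 624 outputs consecutively and starting from a fresh seed, so that they line up with one state block.

```python
import random

N = 624  # words of MT19937 state; one 32-bit output per word per block
MASK32 = 0xFFFFFFFF


def temper(y):
    """MT19937 output tempering (reference form); used to self-check untemper()."""
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    y ^= y >> 18
    return y & MASK32


def _undo_right_shift_xor(y, shift):
    # y = x ^ (x >> shift): the top `shift` bits are untouched, and each pass
    # recovers the next `shift` bits below them.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x


def _undo_left_shift_and_xor(y, shift, mask):
    # y = x ^ ((x << shift) & mask): the low `shift` bits are untouched, and
    # each pass recovers the next `shift` bits above them.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & MASK32


def untemper(y):
    """Invert temper(): tempering is a bijection, so each output leaks one state word."""
    y = _undo_right_shift_xor(y, 18)
    y = _undo_left_shift_and_xor(y, 15, 0xEFC60000)
    y = _undo_left_shift_and_xor(y, 7, 0x9D2C5680)
    y = _undo_right_shift_xor(y, 11)
    return y


def clone_mt(observed):
    """Build a random.Random whose state equals the generator that produced `observed`.

    Assumes `observed` holds 624 consecutive 32-bit outputs aligned to one
    state block, which is the case for the first 624 outputs after seeding.
    """
    if len(observed) < N:
        raise ValueError(f"need {N} consecutive outputs, got {len(observed)}")
    state = tuple(untemper(v) for v in observed[:N])
    clone = random.Random()
    # getstate() layout: (version 3, 624 state words + index, gauss_next).
    # index == N means "block fully consumed, twist before the next output",
    # which is exactly where the victim is after emitting 624 outputs.
    clone.setstate((3, state + (N,), None))
    return clone


def demo(seed=0x1234, lookahead=10):
    """Observe 624 outputs from a 'victim' MT, clone it, predict the next ones."""
    victim = random.Random(seed)   # the attacker never sees this seed
    observed = [victim.getrandbits(32) for _ in range(N)]
    clone = clone_mt(observed)
    predicted = [clone.getrandbits(32) for _ in range(lookahead)]
    actual = [victim.getrandbits(32) for _ in range(lookahead)]
    return predicted == actual


if __name__ == "__main__":
    print("clone predicted the victim:", demo())
```

Run as a script it reports whether the clone matched the victim. The attack needs the outputs to be consecutive: if the observer has gaps in what it saw, the untempered words no longer line up with the state block and the clone diverges, which is the property any scheme that drops or hashes outputs is leaning on.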







It is hard to beat the use of "citations" or pointers to pseudo-random locations in texts that are unknown to "spies".
But the code talk used by a certain Indian tribe during the war with Japan still remains virtually unbreakable, and it was in effect in CLEAR.