Re: IS THIS TRUE RANDOM ?

MooseFET wrote:
On Aug 30, 1:58 pm, John Larkin
<jjlar...@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
On Sun, 30 Aug 2009 09:46:52 -0700 (PDT), Leon



<leon...@xxxxxxxxxxxxxx> wrote:
On 30 Aug, 16:19, David Eather <eat...@xxxxxxxxxx> wrote:
Leon wrote:
On 25 Aug, 02:55, David Eather <eat...@xxxxxxxxxx> wrote:
Leon wrote:
On 24 Aug, 12:04, "BarNash" <therighti...@xxxxxxxxx> wrote:
Hi all
I need to implement a true random number generator within a FPGA chip .
I prefere NOT to rely on an external analog noise source .
I ask your opnion on the following design idea I have in mind for this .
The basic idea is to sample a group of 16 bit vectors from a ring
oscilator and to send out the
vector that is most far from the last vector sent out before this one .
The algorythm might look like this :
1> Sample 10 vectors of 16 bit each from the ring oscilator
2> send out the most far vector from the last one sent
3> Sample again 10 vectors of 16 bit each from the ring oscilator
4> send out the most far vector from the last one sent
5... so on
Please express you opinion on this , is this a true random number generator
?
Thanks
BarNash
idQuantique makes the Quantis RNG:
http://www.idquantique.com/products/quantis.htm
They aren't expensive.
Leon
Not expensive, but it is likely a piece of ***.
Red flags might be:
the tar and feather of -
"Macroscopic processes described by classical physics can be used to
generate random numbers. Typical chaotic processes include the
monitoring of some electric noise current in a resistor or in a diode.
This current is not random, but just very complex to describe.
Determinism is hidden behind complexity. Although their random numbers
are likely to pass randomness tests, these generators are
difficult to model." (fromhttp://www.idquantique.com/products/files/quantis-test.pdf)
Strange no? The rest of the world considers these processes (shot noise
etc) to be random, but these guys call it "Determinism"
There own process is not well described. How do they generate a single
photon? And if they do generate single photons how do they get a 4 - 16
MB/s entropy rate. (IMO) It is not possible.
Their certificate of conformityhttp://www.idquantique.com/products/files/CC_151-04255.pdf
is, while not bogus, is dubious. The Die Hard Tests are designed to test
for apparent non-randomness in *Pseudo Random Number Generators* -
passing these tests is insufficient to claim true randomness as the
tests were never designed to test a true random number generator and
even PRNG can pass if they are a little more sophisticated than average.
The author of the Die Hard tests even provides several examples of
PRNG's that will pass these tests.
They do not understand the significance of the probability tests. There
stuff always passes the tests for randomness when set for a confidence
level of 99%. If what they had was a TRNG then it would FAIL these tests
1% of the time.
They use the standard technique of attenuating the light from a laser,
to get single photons. They actually make single photon generators.
Leon
And the photo diodes, do they recover in the nsec range required? And
the perfect output data, to remove bias / non linearities they must have
used some algorithmic method, but they fail to mention that at all. Did
they input enough entropy into the algorithm to justify their claims?
You don't know, and I suspect no one does.
It smells of snake oil. They cite meaningless certificates as proof of
quality, use a faulty testing methodology - you have to be able to
"pass" the diehard tests but this alone is insufficient, plus according
to them, their random data does not "fail" tests like a source of true
random data would (at a 99% confidence level true random data would fail
1% of the time), and they make claims supported by factual errors (other
random sources are deterministic???).
Great stuff. I'll get one now for a door stop.
This is how they do the single photon detection:
http://www.idquantique.com/products/id100-20.htm
I don't think there is much wrong with that technique.
Leon
It's just gross overkill, when a Johnson or zener noise source, with a
downstream scrambler, is good enough.


For some jobs overkill is just the right amount. I don't begrudge
those who worry about the keys to the kingdom a little extra on random
numbers.

You left out other low cost noise sources such as the shot noise in a
semiconductor or in some applications, just a radio signal.

There is a very old voice scrambler design that uses two radios tuned
to the same radio station. Basically you mix the voice you want to
hide with a signal that is known at both ends. Unlike the simple
spectrum inversion method, a person listening can't learn to figure
out what is being said.


The above approach was used in a system called "SigSaly". There is a link:
http://en.wikipedia.org/wiki/SIGSALY
.

Quantcast