John Kelsey wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> At 07:08 PM 6/5/00 -0700, [EMAIL PROTECTED] wrote:
> >So I'm curious about what all methods do folks currently use (on NT
> >and unix) to generate a random seed in the case where user
> >interaction (e.g. the ol' mouse pointer waving or keyboard tapping
> >approaches) isn't a viable option?
>
> If the machine has a microphone, you can get some unpredictable bits
> from internal noise in the circuit, and also from real noise in the
> room the computer's in. There's probably a tiny bit of entropy
> available even in the worst case imaginable from network packet
> arrival times, if you can get them. And Jack Lacy and Matt Blaze did
> some clever stuff with something called ``truerand,'' which tries to
> measure clock jitter between the CPU clock and the external clock
> used to get the time of day. Peter Gutmann's cryptographic library
> has OS polls that seem to have some entropy in them, even without
> user interaction, presumably ultimately based on hard drive timings,
> clock jitter, etc. Hard drive timings can also provide some
> unpredictable bits.
>
There is an article (somewhere) on the net of digital cameras focused
on lava lamps. Photos are taken of the lava lamps and mixed into a
hash function to generate random data. I believe the author had some
algorithm for turning the lamps on and off, too.
I don't know how random it is, but it sounds really cool. :)
