James A. Donald wrote: > > And if you want to obtain noise from quantum > indeterminacy, shot noise is much more convenient. > Instead of photons going through a half silvered mirror, > and randomly being reflected or not, you rely on > electrons randomly winding up at the base or the > collector of a transistor.
That's true as stated, and correctly reinforces the point that lots of things are more convenient than the quantum mechanics of photons. However, it should not be taken so far as to become an endorsement (in absolute terms) of shot noise as a convenient basis for a practical HRNG. A key element in the construction of a decent HRNG (by my standards, at least) is to have a provable lower bound on the amount of randomness in the raw data. We agree that there are many situations that have plenty of shot noise, but it is relatively hard to get a provable lower bound on how much shot noise there MUST be in any given situation. *) This applies to individual transistors and other devices; minimum shot noise is not one of the guaranteed specifications you see on the spec sheet. *) This applies even more strongly to larger systems with lots of components, such as a sound card treated as a black box. In contrast, I can obtain a reliable lower bound for the thermal noise in a sound card, based on black-box properties such as impedance, bandwidth, and ambient temperature. For details, see http://www.av8n.com/turbid/paper/turbid.htm In summary, as things stand today, over a wide range of conditions and requirements, the recently-mentioned sources can be ranked in terms of practicality, as follows: photons << electronic shot noise << thermal noise If somebody has a way of overcoming the limitations so as to change the ranking, please tell us about it. As I said in my previous note: It's true that quantum processes are in some very narrow theoretical sense "more fundamental" than other processes, but this is nowhere near sufficient and nowhere near necessary for building a decent HRNG. As I should have said: When vendors like idquantique emphasize the quantum nature of their raw data source, it rubs me the wrong way. http://www.idquantique.com/products/quantis.htm It indicates that either: -- they are clueless as to what's important and what's not, or -- they are operating on the assumption that their customers are clueless. Either way, it doesn't make me want to be one of their customers. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
