On Wed, Sep 14, 2011 at 10:58 PM, Michael Rogers <[email protected]> wrote:
> At the Freedombox workshop at CCC there was a discussion about hardware > random number generators. One of the possibilities that was suggested > was to use the soundcard (or a cheap USB sound device) as a source of > randomness. I've just found out that this is mentioned in RFC 1750 [1], > so it's a "respectable idea". ;-) RFC 1750 has been obsoleted by 4086 http://tools.ietf.org/html/rfc4086 > 1) Read from the audio device with nothing connected, using the highest > available sample rate and resolution. Do you get just zeroes, or is > there enough thermal noise in the device to get some non-zero values? There's code for an RNG available, based on a sound card with no mic connected, with a good analysis of the thermal and other noise used. http://www.av8n.com/turbid/ > 2) Read from the audio device with a microphone connected. Discard all > but the least significant bit of the audio. Is the resulting bitstream > compressible? That is a fine idea for testing. If you are actually constructing an RNG, though, it is better not to discard any possible entropy. If you're sure there's no more than one bit per sample, take the parity of the sample rather than just the low-order bit. If there might be more than one, take the sample modulo something that is not a power of two. _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
