Re: RNGs - Use input from your sound card!

Mon, 18 Oct 1999 10:05:21 -0700 

From: Michael R. Batchelor <[EMAIL PROTECTED]>


> >My point is not that it doesn't yield useful randomness but that the
> >assertion that it is _completely unpredictable_ is false. This is, of
> >course, quite different to the assertion that it is not completely
> >predictable, with which I agree (over any finite time period).
>
>
> But I think most of this is moot (despite the fact that I've contributed
> to the thread) because we're trying to devise something the average
> person can utilize. While it's true that I've built Geiger counters, and
> I've built random noise generators with diodes in avalanche, and I've
> had the guts of scores of computers strung across workbenches connected
> to lights, the hot water heater, ham radios, motion detectors, model
> rocket launchers, and a lot of other things, most people aren't
> interested in cobbling together some device. What's needed for the
> working public is to use some existing device which is "good enough".
>
> MB
>
Michael, that´s exactly what I´m after:  Code that will let OpenSSL read
a standard audio card´s digital output for a certain time, extract the
difference between left and right channels, whiten out by hashing,
and deliver entropy to the RNG seed (see how much I´ve learned in
the last few days from this thread!  Thanks to all!).

Actually, this could/ought to be automated:  As the RNG is used, entropy
decreases (seed entropy, that is!  Universe entropy always increases - I say
this before  get a ton of email correcting me...).  When entropy goes
below a user configurable threshhold, OpenSSL could take certain user
configurable actions:  Try to get entropy form the sound card, and if
not, form other sources (screen, FAT, RAM, even user -supplied mouse
movements and keystroke sequences).  The user also ought to able to
configure OpenSSL to fail if there is not enough entropy.

Any takers to develop this code for inclusion in OpenSSL? (Sorry, I´m
a management-type far too dumb for the task!)

Kind regards to all,

J. Andrew Hall.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to