Researchers Discover Breakthrough Method To Generate True Random Numbers From Weak Randomness Sources

Status
Not open for further replies.

anathema_forever

Honorable
Jan 12, 2013
98
0
10,660
Think this might have more than just ramifications for encryption this could be a breakthrough in math as well unless math already knew how to do this of course.
 

tom10167

Honorable
Apr 9, 2014
121
1
10,685
Not to discredit all this, but how big will this be for encryption, isn't aes256 already by far the strongest link in the chain?
 

heffeque

Distinguished
Dec 9, 2002
181
0
18,680
Not to discredit all this, but how big will this be for encryption, isn't aes256 already by far the strongest link in the chain?
You know nothing, John Snow. The creation of random numbers has nothing to do with AES256.
 

heffeque

Distinguished
Dec 9, 2002
181
0
18,680


I guess I didn't make things easy.
This might help you understand how AES works: http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

Interestingly enough, it's actually possible to use AES to get a random number... but then again... what "is" random? http://postimg.org/image/kzn9ljuyp/
7lnmt.jpg

:)
 
This is incredible and groundbreaking! It's also very weird, because I was thinking yesterday of ways in my head on how to create a random number better. One of my methods had to actually do with the wind, or weather. Basically, if you have some device which can measure airflow to the trillionths place, for instance, and take that last digit, it should be very random because obviously the airflow speed would easily change in the trillionths place constantly; there is no way it will be that constant.

Just my idea, though. I know there are some atomic things, perhaps radiation, that I have researched have some randomness to them. There are also add-on PCI cards for PCs that can generate more accurate random numbers that traditional methods.
 

mavikt

Distinguished
Jun 8, 2011
173
0
18,680
@turkey: What is an accurate random number...? I guess that if you could measure the growth rate of your beard to to the trillionth place, that would also be random, perhaps affected by your diet...

Anyways, from the article I understand that Oded Goldreich is gonna have to party like it's 1999 instead!
 
That's the thing I question myself, what makes him so sure that his algorithm is truly random? Well, he never said truly random, only that it's more random than the current ones. And I'm not going to question somebody who has been researching this sole problem for 20 years straight.
 
You need random numbers to create a salt. I have used a hash fed with several constantly changing variables such as the RDTSC on x86/x64 CPUs, the time in milliseconds, the PID of the running program, the system up-time, the name of the next temp file, etc.
 

CerianK

Distinguished
Nov 7, 2008
260
50
18,870
Late last year (and without a lot of fanfare), I also published a (preliminary) method of combining two weak random sources (one table based and one time based) with feedback to produce extremely random numbers (that passed all tests I ran). Are my numbers 'truly' random (like this new discovery purports) or can they be improved to be? I don't know, as yet. Anyway, here is the link: http://www.xtremevbtalk.com/tech-discussions/327902-code-snippets-web-spell-doom.html
 

willie nugs

Distinguished
Jan 13, 2011
34
0
18,540
Is it more random than taking a picture of the room your currently in, opening that .jpg file in notepad and just randomly highlighting a string of test from the middle of that file?
 

gnarr

Distinguished
Sep 2, 2009
22
0
18,510
@willie nugs, yes. Because 8 hours a day, the middle of your room is an overexposed windows which results in all the bytes in the middle of the file to be 0xff .
 

f-14

Distinguished
@turkey: What is an accurate random number...? I guess that if you could measure the growth rate of your beard to to the trillionth place, that would also be random, perhaps affected by your diet...

Anyways, from the article I understand that Oded Goldreich is gonna have to party like it's 1999 instead!

What is an accurate random number...? a number that doesn't follow a predictable path
? is not an accurate number for example.
 

bit_user

Polypheme
Ambassador
Since security is the primary application, let's keep it grounded in that.

Basically, a low quality random number is one where an attacker has fewer things to try, because they can predict parts of it. A high-quality random number is almost completely unpredictable, forcing them to search the whole key space.
 

bit_user

Polypheme
Ambassador
I trust that this is novel, but I do wonder how much of an advancement it is over Linux's /dev/random, which purportedly accumulates bits of entropy from various pseudo-random sources.

It'd be nice if someone explained the degree and nature of the advancement, here.
 
Status
Not open for further replies.