Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday November 13 2015, @01:24PM   Printer-friendly
from the entropy-FTW dept.

Want a FIPS 140-2 RNG? Look at the universe. The cosmic background radiation bathes Earth in enough random numbers to encrypt everything forever. Using the cosmic background radiation – the "echo of the Big Bang" – as a random number generation isn't a new idea, but a couple of scientists have run the slide-rule over measurements of the CMB power spectrum and reckon it offers a random number space big enough to beat any current computer.

Not in terms of protecting messages against any current decryption possibility: the CMB's power spectrum offers a key space "too large for the encryption/decryption capacities of present computer systems". A straightforward terrestrial radio telescope, this Arxiv paper states, should be good enough to make "astrophysical entropy sources accessible on comparatively modest budgets".

http://www.theregister.co.uk/2015/11/12/big_bang_left_us_with_a_perfect_random_number_generator/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by jdavidb on Friday November 13 2015, @02:19PM

    by jdavidb (5690) on Friday November 13 2015, @02:19PM (#262642) Homepage Journal

    I think the answer to that is that the field varies across three dimensions (probably more), so two different observers capturing random numbers from it in two different locations would get different numbers.

    But I am way, way out of my field of expertise here, so I could be totally wrong.

    --
    ⓋⒶ☮✝🕊 Secession is the right of all sentient beings
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by JoeMerchant on Friday November 13 2015, @02:32PM

    by JoeMerchant (3937) on Friday November 13 2015, @02:32PM (#262652)

    Using a picosecond clock timing when you log in in the mornings gives a hard-to-guess random number: assume a normal distribution with 100 seconds standard deviation, your clock reading will be more or less random in a range of values on the order of 10^14, even if you are ridiculously punctual with 1 second SD, that's still 10^12.

    The key with using background radiation as your key is to collect it with sufficient resolution over a sufficient period such that any attacker (with a similar telescope pointed at a similar region of sky) would not get the same pattern to some level of confidence. Variations in location of antenna, variations in pointing angles, aperture, atmospheric interference, etc. will play into it. It's sort of like anti-science, an experiment that is provably hard to reproduce.

    --
    🌻🌻 [google.com]
    • (Score: 1, Interesting) by Anonymous Coward on Friday November 13 2015, @02:38PM

      by Anonymous Coward on Friday November 13 2015, @02:38PM (#262656)

      It's sort of like anti-science, an experiment that is provably hard to reproduce.

      You want the non-reproducibility to be reproducible.

    • (Score: 1) by zoefff on Friday November 13 2015, @03:14PM

      by zoefff (5470) on Friday November 13 2015, @03:14PM (#262677)

      Just to imagine another attack vector: What if you shine with a laser into the telescope, wouldn't that make things more predictable?

      • (Score: 0) by Anonymous Coward on Friday November 13 2015, @05:21PM

        by Anonymous Coward on Friday November 13 2015, @05:21PM (#262753)

        The CMB is not measured at those wavelengths.

    • (Score: 1) by SunTzuWarmaster on Friday November 13 2015, @05:52PM

      by SunTzuWarmaster (3971) on Friday November 13 2015, @05:52PM (#262772)

      You are correct in thinking that these numbers are essentially random and that a pico-second clock would be a way around it. However, someone on the other side of the world would be able to adjust *their* pico-second clock until their numbers matched up with yours. Then, presumably, they would win at blackjack, take all your casino money, read all your E-mails, launch the nukes, mix the darks and the lights, and spoil the milk.

      PS - obviously using these numbers as an encoding base doesn't work for the same reason, adding some "not random" number doesn't work for crypto reasons, etc.

      • (Score: 2) by JoeMerchant on Friday November 13 2015, @10:06PM

        by JoeMerchant (3937) on Friday November 13 2015, @10:06PM (#262853)

        Not sure we're on the same page: to get a seed for your crypto PRNG for the day, feed it the ps clock value at the time you log in, nobody will measure the time of your login better than 1/100 second, even if they have a high resolution video feed that shows when you hit the enter key (and have managed to sync your ps clock to their camera feed) - and then, they've still got 10^10 codes to try to match up to whatever the visible outputs of your crypto PRNG are that day. Prevent people from seeing you hit the Enter key on video and you up your security by an order of magnitude.

        Of course, if they've already crawled that deep into your system, they probably have keyloggers running on you that will make the rest of the security irrelevant.

        --
        🌻🌻 [google.com]