SoylentNews is people
SoylentNews
Like some kind of space-age Bingo hall caller, a cloud-based API that publicly streams random numbers arrives today, and is being touted by Cloudflare.
The web-distribution giant is enlisting the help of four other organizations and a handful of researchers to create what it calls the League of Entropy, a project aimed at creating and maintaining tools that output random numbers.
The project combines Cloudflare's own LavaRand lava-lamp-based random number generator with EPFL's URand, UChilie's random number generator, Kudelski Security's ChaChaRand, and Protocol Labs' InterplanetaryRand. The combined systems will funnel their random data into an endpoint called Drand, and every 60 seconds it will output a 512-bit value to the world, so that anyone can fetch the digits and use for their random numbers.
[...] "This global network of servers generating randomness ensures that even if a few servers are offline, the beacon continues to produce new numbers by using the remaining online servers."
This is where it should be noted that the public system will not be recommended in any way, shape, or form for use with cryptographic or security-sensitive tools or applications, for obvious reasons. Those who want a stream of private numbers can link up with Drand or the individual beacons directly rather than stream from the public API.
[...] Rather, Cloudflare sees the public strings being used for things like election auditing or scientific research where officials will want true random numbers that can be verified as untouched from the source. You can find more details of this over on the Cloudflare website by the time you read this.
Obligatory xkcd and Donald Knuth's exposition on the challenges of trying to create random numbers.
(Score: 2) by The Shire on Monday June 17 2019, @10:31PM
Essentially, if it's known when the number was fetched then the seed value is also known. This reduces the complexity of determining the key that seed was used to generate. You cannot increase entropy by providing known seed values. And if you're trying to generate large numbers of keys, then all those keys will be based on a single known seed value since that number is only changed every 60 seconds.
It's far more practical to generate your seed values locally. In fact, you're better off pulling a random value from global weather reports - barametric pressure, rainfall, windspeed at a random location than using their value.
Bottom line, it's pointless to have a "random" seed that changes infrequently (in terms of computer speed) and is available to world. It's trivial for anyone to keep a list of of the 86,400 seeds generated each day along with their timestamps for later reference.