Stories
Slash Boxes
Comments

SoylentNews is people

Article: Random Uniform Experiment for the Masses

posted by martyb on Friday June 21 2019, @07:56AM   Printer-friendly
from the certain-chaos dept.

melikamp writes:

Hot on the heels of the news about the League of Entropy, I offer my own analysis of various challenges present in the quest for random bits. Thanks to the exposure of this development by SoylentNews, I dug up my old 2012 proposal and saw that LoE implemented something very similar, but fully automated. Remarkably, it took me some 7 years to realize that my original proposal can be easily adopted for robots, and now I am delighted to share with you a very basic description of the problem, the difficulties, and the implementation details.

And by the way, you may not think that when you see the format, but this is intended as a scholarly article, and it is currently in peer review phase — where it will remain for as long as it is useful — and there are people willing to maintain it. Please feel welcome to offer comments, ideas, corrections via email or xmpp, and I will do my best to create a review journal and credit everyone involved, as appropriate.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Article: Random Uniform Experiment for the Masses | Log In/Create an Account | Top | 9 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by Lester on Saturday June 22 2019, @08:24AM

    by Lester (6231) on Saturday June 22 2019, @08:24AM (#858797) Journal

    I'm not sure if it was about this project, but was something similar, the review said: "It's a instresting source of random bits but not intended for cryptographic uses".

    But according with the creators, it is a good source for cryptography:

    Every other existing randomness beacon is generated by an individual entity. This means that an adversary needs to only take control of one party to tamper with randomness

    I'm a little astonished. For good cryptography, you need a good source of random bits, unfortunately, it is not always easy to get a good source of entropy. But if you think your local random bits are not reliable, and can be predicted in someway, let alone starting a connection that can be intercepted and then there is no prediction or guessing, but real data. Connection is always the weakest spot, there are a lot of points that can fail, DNS, MiM, Faked CAs.... To begin with, if you random bits are not as random as you think, how do you stablish a secure connection with the external random source? To stablish any TSL you need to generate a random key and/or challenge, so you are going to use your insecure random bits to generate a not random nonce to start a connection to get more a reliable random.!?!?

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3