Jytter does all of this and has been validated and proven by the worlds leading random number experts. Its been validated as a TRNG (not a PRNG) that operates in userspace. And its only 11 assembly language instructions.
Sent from my iPhone > On 21 Nov, 2014, at 1:41, d...@deadhat.com wrote: > > >>>> Plz excuse if inappropriate. Does anyone know of a decent (as in >>>> really >>>> random) open source random generator? Preferably in PHP or C/C++? >>>> >>>> Thanks. > > Getting back to the initial question, the answer I think is 'no'. > > You haven't expressed clearly what you want from this RNG, but you're > asking in a crypto forum and you said 'really random', which I take to > mean you want something that is suitable for crypto applications, like > generating keys, feeding key search algorithms, random IVs, nonces and all > the other fun stuff we do. I take it to mean you are not just looking for > a CS-PRNG. > > For this you need an algorithm that > A) Measures the physical world in a way that translates quantum > uncertainty into digital bits with a well defined min-entropy. > > and > B) Cryptographically processes these numbers such that they are > unpredictable (in specific ways) and indistinguishable from random. > > and maybe > C) Uses that to seed a CS-PRNG to give you lots of numbers with low > overhead and guaranteed computational bounds on the adversary. > > An algorithm in C, C++ or PHP in isolation cannot offer the necessary > properties because those languages can only be used to express > deterministic behaviors. > > The hardware you run on must provide the source of non determinism. This > could be by sampling local physical events that happen to be entropic or > from a local entropy source circuit, or by reaching out over the internet > to other sources (this has issues) or a combination of all three. > > In a pinch you can look at the whole system as assume entropy is leaking > in through its pores, and then sample the system state in complicated > ways. But this approach is tightly bound to the chosen system. It is not > portable. > > So knowing this, you can know what to go looking for. > > 1) A physical source of entropy -> Check your hardware specs > 2) An entropy extractor -> http://en.wikipedia.org/wiki/Randomness_extractor > 3) A CS-PRNG -> > http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator > > Code for 2 and 3 are spread all over the internet. > > For 1, buy one, buy a computer that has one or get out your soldering > iron. Bill Cox has been discussing his interesting design for such a thing > right here. > > DJ > > > _______________________________________________ > cryptography mailing list > cryptography@randombit.net > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography