Be aware in all of this of the Heisenberg-Schödinger Credulity Effect. That
effect is that the word "quantum" sucks people's brains out, and otherwise
sensible people suffer from impaired reasoning.
It is certainly true that radioactivity is a random effect, and is quantum in
nature. That does not mean that in order for a random sampling to be quantum,
it must be based on radioactivity; there are other quantum sources of
randomness. Noisy diodes, resister noise, CCD noise, etc. are all quantum. If
you want to get picky, *all* physical effects are quantum, even ones that
aren't usefully random. There is nothing magic about one physical source or
other that makes it more suited for crypto. Thinking that a hardware source
should be radioactive is affirming the consequence, as well.
Not does it mean that a radioactive (or other) source is suitable for
cryptography without some sort of conditioning. Hardware sources are often
biased in distribution, or have other numeric flaws that can be fixed with a
whitening function.
In short, radioactivity is neither necessary nor sufficient for cryptographic
use. If you want to use a source for crypto, you want to run it through a
system like /dev/random or at the very least a DRBG to give clean outputs.
Furthermore, what we really want in crypto is what I call "unguessability."
This is both weaker than true randomness and stronger. It's stronger in that
the numbers have to remain secret. A completely random process that everyone
knows is completely unsuitable for crypto, but a weakly entropic input can be
jiggered into suitability.
To sum up -- don't get wrapped around the axle about radioactivity. It's not
the only random process in the universe, and you have to do a lot of work once
you have it. The sort of work that you need to do is precisely what a well-done
OSRNG does.
Jon
