Accepted, entirely, but if "noisy diodes" are all you need for quantum entropy, why are designs for OSHW entropy generators so scarce? I suggested smoke alarms not through radioactivity-fetishism but because of ubiquity and low cost, likely low difficulty to adapt.

Jon Callas <[email protected]> wrote:
>Be aware in all of this of the Heisenberg-Schrödinger Credulity Effect.
>That effect is that the word "quantum" sucks people's brains out, and
>otherwise sensible people suffer from impaired reasoning.
>
>It is certainly true that radioactivity is a random effect, and is
>quantum in nature. That does not mean that in order for a random
>sampling to be quantum, it must be based on radioactivity; there are
>other quantum sources of randomness. Noisy diodes, resistor noise, CCD
>noise, etc. are all quantum. If you want to get picky, *all* physical
>effects are quantum, even ones that aren't usefully random. There is
>nothing magic about one physical source or other that makes it more
>suited for crypto. Thinking that a hardware source should be
>radioactive is affirming the consequence, as well.
>
>Nor does it mean that a radioactive (or other) source is suitable for
>cryptography without some sort of conditioning. Hardware sources are
>often biased in distribution, or have other numeric flaws that can be
>fixed with a whitening function.
>
>In short, radioactivity is neither necessary nor sufficient for
>cryptographic use. If you want to use a source for crypto, you want to
>run it through a system like /dev/random or at the very least a DRBG to
>give clean outputs.
>
>Furthermore, what we really want in crypto is what I call
>"unguessability." This is both weaker than true randomness and
>stronger. It's stronger in that the numbers have to remain secret. A
>completely random process that everyone knows is completely unsuitable
>for crypto, but a weakly entropic input can be jiggered into
>suitability.
>
>To sum up -- don't get wrapped around the axle about radioactivity.
>It's not the only random process in the universe, and you have to do a
>lot of work once you have it. The sort of work that you need to do is
>precisely what a well-done OSRNG does.
>
> Jon

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
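
The conditioning step the quoted message describes (a biased hardware source passed through a whitening function before use), sketched as an added example that is not part of either message in this thread. The source is a constructed stand-in (a seeded PRNG emitting independent bits with P(1) = 0.8), and the function names, the SHA-256 conditioner and the 2x entropy safety margin are assumptions of this sketch.

```python
import hashlib
import math
import random

def biased_bits(n, p_one, seed):
    """Constructed stand-in for a raw hardware source: independent bits, P(1)=p_one.
    The seeded PRNG only makes the demo reproducible; it is not an entropy source."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def min_entropy_per_bit(bits):
    """Most-common-value estimate, -log2(max(p0, p1)); assumes independent samples."""
    p_one = sum(bits) / len(bits)
    return -math.log2(max(p_one, 1.0 - p_one))

def von_neumann(bits):
    """Whitening: take non-overlapping pairs, 01 -> 0, 10 -> 1, discard 00 and 11.
    Removes bias from independent bits but throws most of the input away."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def condition(bits, out_bytes=32, safety=2.0):
    """Hash conditioning: compress raw bits with SHA-256, refusing to emit output
    unless the estimated input min-entropy is at least safety * output bits."""
    need = out_bytes * 8 * safety
    have = min_entropy_per_bit(bits) * len(bits)
    if have < need:
        raise ValueError(f"only ~{have:.0f} bits of entropy, need {need:.0f}")
    packed = bytes(
        int("".join(map(str, bits[i:i + 8])), 2)
        for i in range(0, len(bits) - 7, 8)
    )
    return hashlib.sha256(packed).digest()[:out_bytes]

if __name__ == "__main__":
    raw = biased_bits(20000, 0.8, seed=1)
    white = von_neumann(raw)
    print(f"raw:      {len(raw)} bits, {min_entropy_per_bit(raw):.2f} bits/bit")
    print(f"whitened: {len(white)} bits, {min_entropy_per_bit(white):.2f} bits/bit")
    print("conditioned seed:", condition(raw).hex())
```

Whitening and hashing only reshape the entropy already present in the raw samples; the conditioned output would still be fed to a DRBG or the kernel pool, and it has to stay secret to be of any use.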
