> From: Brian J Beesley
> Sent: Friday, March 19, 1999 2:36 AM
> I've never seen a system with a built-in hardware RNG, however I do
> know that no less an authority than von Neumann suggested that
> this was a worthwhile feature to have built into the architecture.
FWIW, that whole Pentium III fiasco regarding privacy was about the CPU ID
on the chip. Well, Intel built a hardware RNG onto the chip which is used
in the process of pseudo-encrypting this value. Not sure about the details,
but I'm pretty sure it's just picking up thermal noise.
> There may also be a need to non-linearly transform values output
> from the RNG if you need to have a smooth flat distribution of
> random values to feed into your application. (Especially if the RNG
> is based on time intervals between shot noise / radioactive decay
> type events)
I don't know...once you start monkeying with the output, it then becomes
pseudo-random again. Basically, *someone* is telling the numbers "sorry,
you're not random enough for me" so they "adjust" them. Hmmm...
> Nevertheless, done properly, such a technique for generating
> random numbers is *far* superior to the pseudo-random number
> generator functions in standard programming languages.
What about the way PGP gets its random number seed? You move the mouse,
hit the keyboard for a good 10-15 seconds to generate a "random" sample.
I doubt anyone could exactly duplicate their keystrokes and mouse movements
from one time to the next, and this is about as random as thermal noise from
a resistor. Is it pseudo-random because a human is involved? Couldn't I
affect the results of thermal noise in a non-predictable way by merely
waving my hand over the resistor, or the transistors in the amp stage?
Just food for thought. :-)
Aaron
________________________________________________________________
Unsubscribe & list info -- http://www.scruz.net/~luke/signup.htm