Physical Phenomena Without Quantum-random Properties
Thermal phenomena are easier to detect. They are (somewhat) vulnerable to attack by lowering the temperature of the system, though most systems will stop operating at temperatures low enough to reduce noise by a factor of two (e.g., ~150 K). Some of the thermal phenomena used include:
- Thermal noise from a resistor, amplified to provide a random voltage source.
- Avalanche noise generated from an avalanche diode, or Zener breakdown noise from a reverse-biased Zener diode.
- Atmospheric noise, detected by a radio receiver attached to a PC (though much of it, such as lightning noise, is not properly thermal noise, but most likely a chaotic phenomenon).
Another variable physical phenomenon that is easy to measure is clock drift.
In the absence of quantum effects or thermal noise, other phenomena that tend to be random, although in ways not easily characterized by laws of physics, can be used. When several such sources are combined carefully (as in, for example, the Yarrow algorithm or Fortuna CSPRNGs), enough entropy can be collected for the creation of cryptographic keys and nonces, though generally at restricted rates. The advantage is that this approach needs, in principle, no special hardware. The disadvantage is that a sufficiently knowledgeable attacker can surreptitiously modify the software or its inputs, thus reducing the randomness of the output, perhaps substantially. The primary source of randomness typically used in such approaches is the precise timing of the interrupts caused by mechanical input/output devices, such as keyboards and disk drives, various system information counters, etc.
This last approach must be implemented carefully and may be subject to attack if it is not. For instance, the forward-security of the generator in Linux 2.6.10 kernel could be broken with 264 or 296 time complexity. The random number generator used for cryptographic purposes in an early version of the Netscape browser was certainly vulnerable (and was promptly changed).
One approach in using physical randomness is to convert a noise source into a random bit sequence in a separate device that is then connected to the computer through an I/O port. The acquired noise signal is amplified, filtered, and then run through a high-speed voltage comparator to produce a logic signal that alternates states at random intervals. At least in part, the randomness produced depends on the specific details of the 'separate device'. Care must also always be taken when amplifying low-level noise to keep out spurious signals, such as power line hum and unwanted broadcast transmissions, and to avoid adding bias during acquisition and amplification. In some simple designs, the fluctuating logic value is converted to an RS-232 type signal and presented to a computer’s serial port. Software then sees this series of logic values as bursts of "line noise" characters on an I/O port. More sophisticated systems may format the bit values before passing them into a computer.
Another approach is to feed an analog noise signal to an analog to digital converter, such as the audio input port built into most personal computers. The digitized signal may then be processed further in software to remove bias. However, digitization is itself often a source of bias, sometimes subtle, so this approach requires considerable caution and care.
Some have suggested using digital cameras, such as webcams, to photograph chaotic macroscopic phenomena. A group at Silicon Graphics imaged Lava lamps to generate random numbers (U.S. Patent 5,732,138). One problem was determining whether the chaotic shapes generated were actually random — the team decided that they are in properly operating Lava lamps. Other chaotic scenes could be employed, such as the motion of streamers in a fan air stream or, probably, bubbles in a fish tank (fish optional). The digitized image will generally contain additional noise, perhaps not very random, resulting from the video to digital conversion process. A higher quality device might use two sources and eliminate signals that are common to both — depending on the sources and their physical locations, this reduces or eliminates interference from outside electric and magnetic fields. This is often recommended for gambling devices, to reduce cheating by requiring attackers to exploit bias in several "random bit" streams.
Read more about this topic: Hardware Random Number Generator
Famous quotes containing the words physical, phenomena and/or properties:
“To many women marriage is only this. It is merely a physical change impinging on their ordinary nature, leaving their mentality untouched, their self-possession intact. They are not burnt by even the red fire of physical passion—far less by the white fire of love.”
—Mary Webb (1881–1927)
“The television screen, so unlike the movie screen, sharply reduced human beings, revealed them as small, trivial, flat, in two banal dimensions, drained of color. Wasn’t there something reassuring about it!—that human beings were in fact merely images of a kind registered in one another’s eyes and brains, phenomena composed of microscopic flickering dots like atoms. They were atoms—nothing more. A quick switch of the dial and they disappeared and who could lament the loss?”
—Joyce Carol Oates (b. 1938)
“The reason why men enter into society, is the preservation of their property; and the end why they choose and authorize a legislative, is, that there may be laws made, and rules set, as guards and fences to the properties of all the members of the society: to limit the power, and moderate the dominion, of every part and member of the society.”
—John Locke (1632–1704)