[onerng talk] design decision questions

ianG iang at iang.org
Sun Dec 28 23:05:39 GMT 2014

Just quick answer on the question of 50:50...

On 28/12/2014 21:01 pm, Gerd v. Egidy wrote:

> I'm curious why you chose the dual transistor solution which gives you
> non-50:50 results.

It isn't essential or even wise to achieve 50:50 results.  The problem 
is one of trust:  I as software purchaser of RNs do not trust *any 
hardware RNG* because they can all be perverted.  So, on principle, I 
don't actually trust the OneRNG.  As I don't trust any one supplier of 
RNs I must "collect" a bunch of them, mix them myself, then whiten & 
expand them myself [0].

In such an environment, because we assume that all of the base RNGs we 
use are suspect, and liable to go bad at any time, it is actually nice 
if we can measure them and spot their biases.  It's nice to be analyse 
the output of our input devices and see that they have the 
characteristics we expect.

That tells us that the thing is less likely to be tampered with at a 
simple level.  That's because "indistinguishable from random" is 
actually very easy to fake, where as obscure biases are somewhat harder 
to fake.


[0] http://iang.org/ssl/hard_truths_hard_random_numbers.html

More information about the Discuss mailing list