[onerng talk] design decision questions
ianG
iang at iang.org
Sun Dec 28 23:05:39 GMT 2014
Just quick answer on the question of 50:50...
On 28/12/2014 21:01 pm, Gerd v. Egidy wrote:
> I'm curious why you chose the dual transistor solution which gives you
> non-50:50 results.
It isn't essential or even wise to achieve 50:50 results. The problem
is one of trust: I as software purchaser of RNs do not trust *any
hardware RNG* because they can all be perverted. So, on principle, I
don't actually trust the OneRNG. As I don't trust any one supplier of
RNs I must "collect" a bunch of them, mix them myself, then whiten &
expand them myself [0].
In such an environment, because we assume that all of the base RNGs we
use are suspect, and liable to go bad at any time, it is actually nice
if we can measure them and spot their biases. It's nice to be analyse
the output of our input devices and see that they have the
characteristics we expect.
That tells us that the thing is less likely to be tampered with at a
simple level. That's because "indistinguishable from random" is
actually very easy to fake, where as obscure biases are somewhat harder
to fake.
iang
[0] http://iang.org/ssl/hard_truths_hard_random_numbers.html
More information about the Discuss
mailing list