Creating Entropy For Cryptographic Purposes

AI Thread Summary
Mason C. Turner, a cybersecurity professional, inquires about theoretical mechanisms for generating high entropy using current technology. He references Cloudflare's "wall of entropy," which utilizes temperature and data analysis to establish an entropy baseline, highlighting the trend of using random events for entropy sources. Discussions emphasize the use of ring oscillators (ROs) as popular entropy sources in digital architectures, with ongoing research into hardware true random number generators (TRNGs). Free-running oscillator (FRO)-based TRNGs are noted for their reliance on standard digital logic, despite challenges in randomness proofs and variability. The conversation also touches on quantum random number generators (QRNGs), which are commercially available and theoretically perfect but require rigorous testing to ensure functionality. The level of security needed is influenced by the intended audience for the data protection, ranging from casual threats to significant governmental entities.
StarHunter
Messages
12
Reaction score
0
TL;DR Summary
This topic touches on certain aspects of exploring entropy generating devices used to create information from energy.
Hello,

My name is Mason C. Turner and I work in the cybersecurity field. My background includes both military communications as well as private sector experience.

According to the laws of physics, to the best of my understanding information and energy are directly interchangeable in a theoretical sense but any useable energy source contains inherent information. Such at the wavelength of the energy, interference, amplitude and modulation. My question is what would be your go to theoretical mechanism to generate the highest entropy possible using current day technology?

I am happy to learn about current day methods and theoretical mechanisms. For example, Cloudflare uses its "wall of entropy" which is dependent on a temperature, and then so, through advanced analysis, large data collection can be used to create an entropy baseline. It seems like the current solution is to use what seems to be random events in order to create an entropy source. I am open to critics and other input.

Respectfully,

Mason C. Turner
 
Last edited by a moderator:
Computer science news on Phys.org
I am not sure if this is what you are looking for.

In digital architectures, jitter of ring oscillators (ROs) are popular sources for entropy.
You can get an introduction about ROs here:
https://en.wikipedia.org/wiki/Ring_oscillator
ROs for hardware TRNGs are actively being researched.

Also:
The FRO-based TRNGs are very popular due to their use of the standard digital logic despite issues with randomness proofs and chip-to-chip variability.
Source: https://en.wikipedia.org/wiki/Hardware_random_number_generator#Free-running_oscillators-based_RNG

Cloudflare's method of creating entropy is similar to the Lavarand method:
https://en.wikipedia.org/wiki/Lavarand
 
Quantum random number generators. These are already commercially available in the form of rack-mountable equipment. There are online resources that allow you to try them out (online resources can for obvious reasons not be used in actual security applications).

QRNGs are theoretically perfect, but for-real world hardware there a whole bunch of tests that they must pass to ensure that they actually work as intended (there are now organisations that can perform these tests)
 
  • Informative
Likes dirichlet and berkeman
A good question is who you are trying to keep out of your stuff: your little sister, or major world governments? That tells you how much effort one should reasonably put into this.
 
In my discussions elsewhere, I've noticed a lot of disagreement regarding AI. A question that comes up is, "Is AI hype?" Unfortunately, when this question is asked, the one asking, as far as I can tell, may mean one of three things which can lead to lots of confusion. I'll list them out now for clarity. 1. Can AI do everything a human can do and how close are we to that? 2. Are corporations and governments using the promise of AI to gain more power for themselves? 3. Are AI and transhumans...
Sorry if 'Profile Badge' is not the correct term. I have an MS 365 subscription and I've noticed on my Word documents the small circle with my initials in it is sometimes different in colour document to document (it's the circle at the top right of the doc, that, when you hover over it it tells you you're signed in; if you click on it you get a bit more info). Last night I had four docs with a red circle, one with blue. When I closed the blue and opened it again it was red. Today I have 3...
Back
Top