Slashdot Mirror

← Back to Stories (view on slashdot.org)

Totally Random One Time Pads

Posted by ryuzaki0 on from the random-is-as-random-does dept.

liliafan writes "Scientists in Japan have come up with a way of harnessing a truly random datasource for generating one time encryption pads: Quasars. One time encryption pads are widely accepted as being the most secure form of encryption, but this new technology from the National Institute of Information and Communications Technology makes the pads even more secure."

10 of 265 comments (clear)

  1. cracking this would be useful by caffeinemessiah · · Score: 2, Interesting

    if this is ever widely accepted, it seems that the inevitable deluge of security researchers trying to find predictability in the patterns would be a beneficial thing. if one ever comes close to succeeding, sure your credit card details could be stolen, but we'd understand the universe a tiny little bit better...

    --
    An old-timer with old-timey ideas.
  2. So what? by rsw · · Score: 3, Interesting

    Getting randomness isn't interesting. Thermal noise is truly random, perfectly white, and easy to generate---it's as hard as passing a current through a resistor. Want more noise power? Avalanche breakdown, with appropriate whitening, works fine.

    Unless they've come up with an interesting way for two people in disparate locations to observe the same quasar and both independently observe the same random phenomena in a way which reliably and securely gives them access to the pad with no communication channel between them, this just isn't interesting.

    -rsw

    1. Re:So what? by EERac · · Score: 2, Interesting

      The time to start monitoring is key. If quasars generate random bits at a high enough rate, it become infeasible for a third party to just start recording bits from some quasar then search for a particular one time pad.

      A few years ago, I heard a talk by Micheal Rabin that explained how completely secure one time pads could be obtained from a satellite (or some other data source) that generated random numbers at a high enough rate (see New York Times Article here). It seems like a collection of quasars could play the roll of the satellite. Once again, the key to his approach was that the satellite generated too many random bits for them all to be recorded.

      In his approach, traditional cryptographic techniques can be used initally decide when two parties should start sampling random bits to generate one time pad. That pad can then be used to decide on additional pads. If a third party intercepts every communication, they could potentially generate the pads themselves, but they would have to act very quickly, because once they failed to record bits from the satellite (or quasars) those bits would be gone forever.

      Normally, if you intercept an encrypted communication, you can hold on to the message and attempt to break the decryption over time. With this approach, if you don't decrypt the intial communication right away, you've missed out on the one time pads, and thus the captured message is nothing more than random bits. It can never be decrypted.

  3. Lava Lamps by NitsujTPU · · Score: 1, Interesting

    The coolest random number generator ever.

    http://www.lavarnd.org/

  4. not so sure about this by argoff · · Score: 3, Interesting

    I imagine someone who wanted to could buy enough equiptment to record all known quasar emmissions and store them
    or try them against encrypted data streams. A million quasars with 5000 possible frequencies each, wouldn't be that
    much for a computer to churn thru. In a way, it almost seems like security thru obscurity.

  5. Hack by Catskul · · Score: 2, Interesting

    It sounds like a great idea, but it might be easy to subvert. All I have to do is overwhelm the signal and get the target to use my (or null) one time pad, and I will be able to decrypt. Hell I can even make my one time pad *look* random, and they'd likely never notice. While I'm at it I can do it from a satellite and not have to get near their antenna.

    --

    Im not here now... Im out KILLING pepperoni
    1. Re:Hack by hurfy · · Score: 2, Interesting

      How about not even replacing their signal.

      Could one jam/interfer with it enough if they had a rough idea of when? Sounds MUCH easier than pegging the millisecond to inject yours.

      Interfer enough so data is unusable, then they have to resend. Repeat as much as possible. Isn't having multiple versions of secret data floating around a bad thing?

  6. That's not randomness at all by LuminaireX · · Score: 2, Interesting

    That's not randomness at all. It only seems random because they don't have a model currently to describe quasar behavior. Thus, they're confusing randomness with unpredictability - just because one can't predict what will happen in the next n instances doesn't make it random. What's to say some brilliant scientist won't come along in the near future with a model predicting quasar behavior?

    1. Re:That's not randomness at all by Eric+Smith · · Score: 3, Interesting
      That's not randomness at all. It only seems random
      An interesting assertion, but without any backing evidence.
      they're confusing randomness with unpredictability
      There isn't any particularly better definition of randomness than "unpredicability". Some things are more unpredicable than others. Some things can even be proven to be unpredictable; for instance, the Blum-Blum-Shub PRNG has been proven to be unpredictable if you don't have a copy of its internal state, because it is mathematically intractable to derive the state from the output.

      It seems unlikely that it will become possible to predict the behavior of quasars as you suggest; we can't even accurately predict the weather on earth, which is a much smaller system than a quasar. For that matter, we can't predict the detailed behavior of a lava lamp, making that a reasonable source of random numbers (but patented!).

  7. BUZZZ! Wrong! by Anonymous Coward · · Score: 2, Interesting

    Agencies like the NSA will just monitor all quasars all the time. Given that the NSA already monitors (and records) communications transmissions (wireless mostly) 24/7/365.25, matching a quasar from the database with the appropriate signal start and stop would not be difficult to do. I'd say, not very secure a system really, because if the data is coming to or going from the U.S. the quasar would have to be visible in the same hemisphere as it's destination. You could not use this scheme to transmit data to the other side of the world either, as you would need the quasar to be visible by both parties. I'm still not that impressed. It's nice, but I really don't think it's more secure than much of what is out there already for crypto techniques.