Slashdot Mirror
DIY Random Number Generator
Compu486 writes "The guys over at Inventgeek have come up with a project and how artical on building
a random number
generator that is less than 100.00 utilizing radioactive decay. Using some
Linux based open source apps and with a little ingenuity and some parts you probably
have laying around your house you can build your own."
Ok so where do we store enough bits to do this system justice?
I think it should read:
and how to article on...
And I have to wonder...that is less than 100.00 what?
I hooked up a geiger counter to an old school analog game port.
I had a simple C program that just spun between 0 and 255, and when a signal came across the game port it would record the current number.
run that through a hash function of your choice and it worked great.
dont cpus today have some noise generators built into them though?
If you have nothing to randomize, you have nothing to fear.
I know the English may not be the submitter's first language, but it would be nice if the editors....um, you know....*edited* the piece so it made sense.
Michael (Who now sits back and waits for people to pounce on my spelling/grammatical mistakes)
It's already going slow. Use the Coral Cache - http://inventgeek.com.nyud.net:8090/Projects/alpha rad/overview.aspx
I once collected loads of old broken smoke detectors and ripped out the small cell of americium from each of them.
I placed them into a big ball wrapped in tinfoil (shiney side in), then used my fathers' geiger counter to supply random numbers.
Its been working well, I've been counting the number of years its been running on my fingers, so far I've got to 13.
*note, this is totally false, but there was some stupid kid who did something similar.
liqbase
Whatever happened to just mashing your fists on the keyboard?
If you don't know where you are going, you will wind up somewhere else.
This project seems to work well... http://www.lavarnd.org/
I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
...or are they just slow?
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
"Laying"...
Lying perhaps?
>>
One of the applications I have envisioned for this project is a cheap and easy genuine random number generator. True random numbers in computing are nearly impossible, and successful solutions are very expensive systems based on radioactive decay or atmospheric measurements, for example. Using a small / relatively safe radioactive source and a high res CCD or CMOS sensor and assigning a value to each pixel and perhaps mixing in an algorithm or two with an inexpensive practical PCI card that is capable of generating genuine random numbers. Applications that could greatly benefit from this would be encryption, security applications, Computer AI and the Gambling establishment to name a few.
>>
Actually, no, none of these really benefit from "truly random numbers". The applicability of randomness to AI is... spurious at best? For gambling, you just have to be reasonably sure that someone can't predict in advance what your random sequence is going to be, and the Mersenne Twister plus any unknown piece of data as a seed is good enough at resisting everything our current understanding of mathematics can throw at it. (Yes, thats security through obscurity... in the same way that hiding your server behind locked doors, a firewall, and a secure password is security through obscurity. Its both necessary and sufficient.)
Encryption, similarly, would not benefit from transitioning from an "almost perfect" pseudo-random generator to a "perfect" random generator. For your security to fall based on random numbers, someone needs to be able to not just come up with a theoretical imperfection (ahah, 200 million runs of this random number generator and you'll notice it slightly skews away from these five integers!) but have to crack it wide open. Yay, yawn.
Now, radiation + poorly understood mathematics = geek high, I know. But in terms of practical application this gets a near zero.
Help poke pirates in the eyepatch, arr.
> and arical?..
Where does it say "arical"?
Why not use a live webcam? Select a number of pixels as source, label them as you wish and start compute. I mean, incoming photons ought to be fairly random too.
P.S. Clarification: if you're using the Mersenne Twister in a *real life* application that plus a seed value is good enough for a gambling application. For example, if you're generating nice big integers and then taking %6 to get the value of a die or using them to shuffle one or ten or a hundred decks of cards. If, on the other hand, you have some contrived game where you are passing the output directly to the player and continue in the same sequence for a rather improbably long time a player could figure out what sequence the Twister was on and then successfully predict all numbers in advance. But this is one of those earn-you-bonus-points-with-your-CS-professor-and-n ever-use-again pieces of trivia, because in the real world you have to basically design the system to fail for it to fail in this manner.
Help poke pirates in the eyepatch, arr.
IIRC Random.org just uses a soundcard and a radio tuned in between channels and collects atmospheric noise. Sounds much simpler/safer.
I think I'd rather the $100 rather than the random numbers.
For a practical solution, I'd just get a VIA Nehemiah CPU. The later ones have an embedded RNG, and do AES at truly amazing speeds. The actual CPU performance is quite bad compared to pretty much anything else, but it makes a nice quiet box if you don't need vast amounts of CPU power.
And besides, why the emphasis on shielding the camera? You'd think that for a RNG interference is good as it adds more randomness.
Less than 100.00! I've waited at least the past 8 for something like this!
There was a study done that asked a group of people to come up with a string of random ones and zeros. Unsurprisingly, after statistical analysis, they weren't very good. But the fantastic bit was to ask another group to pair off and for each of them to try to outguess the other: let your opponent see your string of ones and zeros so far and then try to make the next bit the opposite to the one they are likely to pick. Amazingly, these random strings were impressively more random. Perhaps we've evolved special pseudo-random number generators to allow us to be sneaky.
[I know, a reference would have been nice, but age does terrible things to your internal bibtex database]
If you find building something yourself to much of a hassle and you have either a webcam or a soundcard lying around, you could give audio-entropyd or video-entropyd a try.
www.vanheusden.com - home of Multitail, HTTPing, CoffeeSaint, EntropyBroker, rsstail, bsod, listener, nagcon, nagi
John Walker, of Autodesk fame, did a similar project, although with a simpler count-the-clicks approach. I copied it using an off-the-shelf Geiger counter and a piece of Autunite; it works well.
Paleotechnologist and connoisseur of pretty shiny things.
And this is better than Mersenne Twister (http://en.wikipedia.org/wiki/Mersenne_twister) with improved initialization because...? Even completely determinate, MT is preferable because brute force searching the number of starting states exceeds heat death of the universe. Full discussion at http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/em t.html
``Tension, apprehension & dissension have begun!'' - Duffy Wyg&, in Alfred Bester's _The Demolished Man_
This is a well done hardware project, but there was no analysis demonstrating that he could generate random numbers using this hardware.
g enerator
p
i s_200201/ai_n9046353
For example, see
http://en.wikipedia.org/wiki/Pseudorandom_number_
http://www.phy.duke.edu/~rgb/General/rand_rate.ph
http://www.findarticles.com/p/articles/mi_qa3742/
Randomness exists in nature all over the place. In fact, in every single atom, simply because we are not living in a world that is anywhere near a temperature of absolute zero. A johnson noise generator costs a few cents. In analog electronics, keeping randomness *OUT* is actually the harder problem.
Frankly, you don't need all that much true randomness to generate random numbers. You just need to be able to continuously seed a CSPNG from a random source, and not even at a very high rate. A few bits a second is plenty.
Move along,
-Matt
It's good enough to have been passed by all the regulators and is used by our online gaming systems.
So that was the hardware. What about some software to use this source? I.e.: gather the pictures, do some hasing, etc? This would be a nice addition to audio-entropyd.... :-)
http://www.vanheusden.com/aed/
http://www.vanheusden.com/ved/ perhaps?
A few things of note about dealing with smoke detector sources.
First, removing the source from a smoke detector is illegal in the US. I'm not aware of anyone being put in jail for doing it, but with the state of affairs currently I would not go posting the fact that you did it all over the internet.
Second, those sources can be very dangerous if mishandled. The source is coated in a THIN layer of gold and/or silver.. only a few atoms thick. If you touch it with anything you will break the seal and contaminate the object. If you then happen to touch it, you have a good chance of ingesting or inhaling it. This is bad. Am-231 is what is called a bone-seeker. It will be used in new bone growth and eventually kill you by causing bone tumors and other cancers.
Now with a little care you can be pretty safe, but the article in question should have been a little more explict about the dangers involved here.
From the article, it seems that he was creating something to satisfy his personal curiosity. He put together a good simple plan and actually made it work. That is interesting, fun, and admirable. I did not get the feeling that he set out to save the world from pseudo-randomness; as many have noted, it does not need saving. If he made some over-enthusiastic claims about the utility of his creation, who cares, he made it and it works; and, that is cool. Now, if next week, he starts hawking them at $250.00 each for the Ultimate Internet Privacy Shield, then give him hell. :)
WARNING: Smoking this sig may cause lowered IQ, insanity or short term memory loss. It is also really bad for your monit
For a cheap and quite good random number generator, you may want to get a new e-Passport and a contactless reader. Almost any passport, at least in Europe, America etc. will implement Basic Access Control. This uses a challenge response mechanism, and the challenge is almost certainly generated by a rather strong hardware random number generator. Obviously, you may want to be sure that nobody else can eavesdrop the random numbers.
To prevent eavesdropping an alternative may be to setup the secure messaging channel first. This has the drawback that the GET CHALLENGE command may not be available within the secure messaging channel. Another method is to use the 16 byte random number present within the MUTUAL AUTHENTICATE command. This is normally used to set up the session keys, but it can also be used as a random number source.
Anyway:
Get ATR (answer to reset)
SEND 00A4040C07A0000002471001 (SELECT the application)
RETURNS 9000 (OK)
SEND 0084000008 (GET CHALLENGE command)
RETURNS 8 random bytes and 9000 (OK)
repeat GET CHALLENGE until you have enough bytes (some e-Passports may support up to 256 byte challenges).
Actually, no, none of these really benefit from "truly random numbers"
A random number generator is the best way to generate good cryptographic keys. Pseudo-random numbers are not good enough, in fact that is the commonest kind of "snake oil" in the encryption world. See Bruce Schneier's site for examples.
A very long random sequence can be used as a one-time pad, giving completely unbreakable encryption if the sequence is truly random.
the Mersenne Twister plus any unknown piece of data as a seed is good enough at resisting everything our current understanding of mathematics can throw at it. ... [blah blah blah] ... in terms of practical application this gets a near zero.
Oh, so you would not want to have an $85 seed generator would you? If 1.3 million possible combinations are not good enough for you, you could always combine more hits to get any resolution you wanted. Then you feed that back into your twister or whatever. This eliminates the non random nature of your seed, which is a traditional weak point.
Friends don't help friends install M$ junk.
If we cannot show the government that we are responsible enough to use our smoke detectors in a safe manner, they will take them away from us!
Blar.
There seems to some possiblity for the creation of a superhero here. Wonder what his ability would be?
spoonerize "magic trackpad"
Am-231 is what is called a bone-seeker
The isotope used in smoke detectors is Am-241, not Am-231. Am-231 is too unstable to be listed in standard isotope tables.
Of course, all isotopes of Americium are bone-seekers, so your point remains valid, though I find it a bit nannying. The quantity of Am-241 in a smoke detector is really minute.
For the better part of a century, radioactive decay is what scientists always use when they want to invoke a natural process that is "random." But is radioactive decay really random... that is, are there, say, well-established quantum-mechanical equations that predict this? Or is it merely chaotic, or not known to be predictable... like the popping of kernels of popcorn in a microwave, or, for that matter, the spins of a roulette wheel?
"How to Do Nothing," kids activities, back in print!
Even more impressive is its automatic units conversion. 100 volts / 200 milliamps
If you don't know where you are going, you will wind up somewhere else.
You don't need radiation to make a randomizer from a camera. How about pointing the camera out of a window at a road. The cars, the people and other objects (birds) will move around supplying you with random data. Or you could have a transparent plastic box full of mosquitos or flies and point the camera at that ;)
How about using a soundcard and ambient noise? Or you could use an AM radio receiver for static noise. There are plenty of other sources of randomness.
You can't handle the truth.
http://www.random.org/cgi-bin/randnum?num=1&min=1& max=100&col=1
-- Boycott Shell
Some random data is needed to generate a cryptographic identity for you.
Please bang on the keyboard like a monkey.
Nice work Taco. Please consider taking a remedial English course sometime in the near future. If that doesn't work for you, consider taking a job with the OSTG janitorial staff -- they need help scooping out all the residual MS FUD ads /. has been bathing in these past few years.
I don't recommend the internal PCI version - you shouldn't place a gamma emmitter (yes, for the pedantic, Am241 is PRIMARILY an alpha emmitter) inside your case. You will be increasing the odds of a memory bit flip or such.
No, I don't trust in god. He'll have to pay up front, like everybody else.
If you parse the original sentence, it is still technically correct (if a little odd); we often do not use the definite article 'the' to describe something like a language, but it is implicit, especially when making normative standards, that there is a definite object to compare. 'The English' refers to an objective standard; whether such an object even exists is another matter not even vaguely related to the question at hand, and irrelevant, since properly constructed statements may refer to virtual or non-sensical subject matter and still be syntactically well-formed. Interestingly, the difference between "the" and "that", while substantially changing the structure of the sentence, does not much change its content; it basically means the same thing!
All the techniques ever used to make men moral have been themselves thoroughly immoral... (Nietzsche)
No dungeon master worth his weight in geldings goes anywhere without his... twenty-sided die!
mund freud.
Too bad you can't get an ionization smoke-detector almost anywhere in Europe...
Notorious throughout the slashdot community for malapropisms and misspellings.
Funny thing is, I read an interview with Rob where he said he's currently using a Mac. As far as I know, all recent Macs have the option of turning on spell checking across the OS -- so for instance, typing this on my Powerbook I see red underlines under misspelled words in the "Comment" text box on the submission page. Which means that he's either too lazy to turn this feature on -- or worse, too lazy to try and correct misspellings and typos that are already clearly marked.
Interested in a Flash-based MAME front end? Visit mame.danzbb.com
and it repeated itself after 400 iterations.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
They are emitted 180 degrees apart, and have nothing to do with alpha interactions from Americium. Completely different decay process.
This also has nothing to do with conservation of momentum, alpha decays cause the nucleus to recoil slightly, but since the atomic weight of the remaining nucleus is much larger than the alpha prticle, it doesn't move much. Photons have energy, hv, but by definition, no mass; i.e. no momentum.
These photons would go thru the ccd and would be very unlikely to show a blip.
But a chunk of cerium-doped sodium iodide would make nice flashes for the camera.
Obviously you had no idea what you were doing in high school, or have learned anything about it since, and you're giving HIM shit about not knowing advanced physics?
Twit.
Truth isn't Truth - Guliani
I put together a simple random number generator in the late '90s using avalanche noise from the reverse break-down of a cheap transistor's emitter/base junction. I amplified it with a simple supply noise insensitive 4-transistor amplifier, and pushed it through an 8-bit 40 megabit/sec Analog Devices A/D converter. I xor-ed 80 samples together, while rotating bits in between samples. I used a $3 Lattice PLD to interface the board to an old PCs ISA bus.
... .5*2^i*d^i = .5*(2*d)^i
.5*(2*d)^i
I generated a CD full of random data, which anyone is willing to have if they want it. I've tested it against the "Die Hard" tests, and almost all the 10-meg files pass. There is one test that failed now and then, so I contacted the statistics professor who wrote it. I showed him that his own random number generator, thought to be nearly foolproof, failed the same test with the same probability. It seems I found a bug in his program!
Total cost for components is $10. Anyone who is interested can have schematics for free. Contact me at bill@billrocks.org.
The theory behind it is simple... who cares if the bits from the source are completely random? It turns out you just need a LITTLE true randomness from the source. By xoring bits together that have some randomness, you quickly approach truly random. By my estimate, only God would ever know the difference for the data I generated from perfectly random data, since the board could generate data for billions of years before accumulating even one bit of non-random data in it's output.
Mathematical proof:
Two semi-random bits b1 and b2 each contain small amounts of
non-random noise which we can call d1 and d2. Note that d1 and d2 can
be correlated, and usually are. The notation P(expression) means the
probability that the expression will be 1.
I define P(b1) and P(b2) as:
P(b1) = 0.5 + d1
P(b2) = 0.5 + d2
Both d1 and d2 have a range of -0.5 to 0.5. Xoring b1 and b2 together gives:
P(b1 ^ b2) = P(b1 & !b2) + P(!b1 & b2) = P(b1)*P(!b2) + P(!b1)*P(b2)
= (0.5 + d1)*(0.5 - d2) + (0.5 - d1)*(0.5 + d2)
= 0.25 - 0.5*d2 + 0.5*d1 - d1*d2 + 0.25 + 0.5*d2 - 0.5*d1 - d1*d2
= 0.5 - 2*d1*d2
Squaring a small number makes it very small indeed. If d1 and d2 are
already 0.01, then xoring b1 and b2 together results in a random bit
noise level 0.0002. This leads to the following equation for the
amount of non-random noise defined as n(bits) given the number of bits
in the xor sum:
n(1) = d
n(2) = 2*n(1)^2 = 2*d^2
n(4) = 2*n(2)^2 = 2*(2*d^2)^2 = 2^3*d^4
n(8) = 2*n(4)^2 = 2*(2^3*d^4)^2 = 2^7*d^8
n(i) = 2^(i-1)*d^i =
Here's how you can use this equation. Lets say you believe you have
non-random noise levels of no more than d. You want the noise level
to be less than N. We want to compute the number of bits needed, i:
N = n(i) =
2*N = (2*d)^i
log(2*N) = i*log(2*d)
i = log(2*N)/log(2*d)
So, for example, if you feel your non-randomness per bit is less than 10%,
but you need less than 1 part per billion, we compute the number of bits
needed in the xor-sum:
i = log(2*10^-9)/log(2*.1) = 12.5
In other words, just xor together at least 13 bits.
Beer is proof that God loves us, and wants us to be happy.
did the cat die?
Almost every pc nowdays has a built-in (johnson) noise generator, it's called a soundcard
(just make sure there is no jack plugged in)
I just use a female-mood-detector. That's _my_ source of high-grade randomness.
Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
Granted, the setup was simpler and it required a bit of trust from all participants, but I've had a home-made random number generator for years now.
Ride the skies
...in certain bands aggregates as totally random. Use that. You know how Madam Curie died, don't you? ;)
Loading...
i may be misreading the results, but "If you look closely you will be able to see the white flashes that are one pixel in size, as well as faint blue streaks" does indeed sound/look an awful lot like Cherenkov Radation! Which normally you don't get to see for less than a hundred thousand clams, at the least.
The alpha from Am-241 has an energy of 5.638 MeV, which corresponds to a velocity of 0.053c or so, using the standard classical formula for kinetic energy, and taking the alpha mass to be 4GeV, off the top of my head. There is no way that could be fast enough, as far as i'm aware, to cause Cherenkov radiation.
huh. i'm sure you're right. there are pretty/almost clear blue flashes in the animated .gif tho;
i wonder if it's some other artifact of the alpha skittering across the CCD.
Yeah, it's interesting, i don't know why it creates the response it does. CCD's aren't exactly designed to detect particle raditation, so anything is possible. Personally i think that over time the radiation would damage the CCD, eventually rendering it useless.
I built the same circuit with a parallel port interface to the raw (non-XORed) output, and it cost even less. However with that design, you need to do the XORing or hashing in software. We ended up writing a daemon that would feed the Linux kernel's entropy pool whenever it was low.
w illware.net/hw-rng.html (see "Nifty Postscript")
http://web.archive.org/web/20021121031201/http://
Looking at the FAQ for www.random.org, I see that they acquire their entropy from a radio tuned to an un-used channel. That just begs a question - what frequency? (and of course, where are they?)
Because they discard the high-order bits of their stream and only retain the low-order bits, it would be difficult to to deliberately inject bias into it, but it would be an interesting project to try. But correspondingly, wouldn't failure indicate that their ultimate source of randomness isn't the radio signal, but is the thermal noise in the amplifiers/ bias circuits/ etc in the microphone input and digitiser for their Sun?
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Well, actually I used to do work with (IT support, nothing fancy) for part of the SUCIMA http://accelconf.web.cern.ch/accelconf/d03/papers/ CT09.pdf team (Badano, Ferrando e Pezzetta).
Well, the monitor uses a CCD indeed. Problem with CCDs is that usually it's a destructive monitor (it destroys the particle beam), so you must do some tricks (read the pdf) if you want to keep it.
The generation of random numbers is too important to be left to chance. -- Robert R. Coveyou, Oak Ridge National Laboratory, 1969
I remember finding your circuit on-line! I actually built yours first, but my inverters made oscillators, rather than amplifiers. Also, the parallel interface was slower than the ISA bus.
However, my main improvement was using a 40-mhz 8-bit A/D converter. The samples are highly correlated, but who cares? By only taking the MSB (the least random), the old circuit loses most of the available noise. The 40-Mhz samples get highly random LSBs (less than 10% correlation).
Thanks for the circuit, especially the initial noise source stage, which I duplicated exactly (first two transistors, resistor, coupling cap)! It's a great noise source, good for probably 1MByte/sec with proper sampling. My biggest remaining concern for the circuit is just how much the first two transistors vary as a noise source, as the beta is fairly uncontrolled, as is the noisiness of the emitter-base breakdown.
Beer is proof that God loves us, and wants us to be happy.
I generated a CD full of random data, which anyone is willing to have if they want it.
:P
640 megabytes is a little much for my connection to handle right now. Could you compress it and send it to me please?
strike
"Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
Old school wins again...
I have lived among the English, but I don't really KNOW them.
Does the knowledge depress you?
Wally, a Texan in Lancashire
--
The English, the English, the English are best,
So up with the English and down with the rest -- Flanders & Swann
LOL. Best. Post. Ever. Especially after the whole "Compress Wikipedia and Win Big!" story.
Dude I so wish I had mod points right now! Please someone mod this as funny.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
What could be more random and unpredictable than that?
(Of course that isn't an inexpensive solution...)
LOL!!!
It compresses really well! In fact, to one byte: 42
Beer is proof that God loves us, and wants us to be happy.
For anyone interested, I'm developing a web-site to document my old RNG at http://www.billrocks.org/rng. Enjoy!
Beer is proof that God loves us, and wants us to be happy.
frickin? I don't like fake swears. Try to refrain from swearing, but if you must, it's "fucking"
It's a color ccd camera which has a red, green, and blue cells. The radiation is simply striking one of the blue cells.