Tor To Use Distributed RNG To Generate Truly Random Numbers

An anonymous reader quotes a report from Softpedia: Tor developers have been working on the next iteration of the Tor network and its underbelly, the Onion routing protocol, in order to create a stronger, harder-to-crack anonymous communications system. To advance the project, the developer team schedules brainstorming and planning meetings at regular intervals. The most recent of these meetings took place last week, in Montreal, Canada. In this session, the team tested the next generation of the Tor network working on top of a revamped Onion protocol that uses a new algorithm for generating random numbers, never before seen on the Internet. The Tor Project says it created something it calls "a distributed RNG" (random number generator) that uses two or more computers to create random numbers and then blends their outputs together into a new random number. The end result is something that's almost impossible to crack without knowing which computers from a network contributed to the final random number, and which entropy each one used. Last week, two University of Texas academics have made a breakthrough in random number generation. The work is theoretical, but could lead to a number of advances in cryptography, scientific polling, and the study of various complex environments such as the climate.

Re:pseudo+pseudo=true?

[gweihir]

No. The title is bullshit. This is about generating very hard to predict pseudo-random numbers, because you have to guess a large, distributed state and distributed seeding values.

As there is zero need for "true random" numbers in crypto (you only need "not guessable fro an attacker"), this is still a significant improvement.

Side note: Whenever something "mainstream" reports about random number generation, they get it wrong. It seems that non-experts routinely have no clue what is important here and what not. As for crypto, the philosophical question what "random" means is completely immaterial. Crypto just cares whether an attacker can somehow find out the "random" number or not and how difficult it is if it is possible. There is no need for "true" random numbers anywhere in crypto.