From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by huchra.bufferbloat.net (Postfix) with ESMTP id 976D620024C for ; Mon, 12 Mar 2012 08:21:43 -0700 (PDT) Received: from [192.168.83.5] (c-76-97-152-51.hsd1.ga.comcast.net [76.97.152.51]) by mrelay.perfora.net (node=mrus4) with ESMTP (Nemesis) id 0MLv7s-1RzOu02UmK-008PB0; Mon, 12 Mar 2012 11:21:42 -0400 Message-ID: <4F5E1483.7070103@c3energy.com> Date: Mon, 12 Mar 2012 11:21:39 -0400 From: "Ron Frazier (NTP)" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.9) Gecko/20100722 Eudora/3.0.4 MIME-Version: 1.0 To: thumbgps-devel@lists.bufferbloat.net References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Provags-ID: V02:K0:WPW9gXO1I8/tj9m7r8f1jPmKtE+nCL17G7w6ALGQd+y xevW1rTYTvg8wNdHMBmgd1B80dWvov/Vflf6I0/6X4VEBbmMQ6 4ciaAI+lYLX7WonaKuC8jm2RfHhU2+/2HFQPOHIo5oikEXcS5E CeQF78lp7EzMFoHH/S4X8JZ/vwBMq9ko9yRJlFc2k8Nt0pXUOy fNa95YnD92Su5EW/9PVwWLm1VT/7hsMBBdLBfm3GfN2/Y7gBcd QwcOFi/Albn0Mw+3g9u+tC6piUs/6w1njBE5LVWyQAZOSybb/8 aZLR5YTyr2ls7y+jxQiotupT2sxtOEeq+U+dbWS9Tn/MBj4B9D YgrzQdWn3I1xHJorTvfY7/hjcLERh2ay/pgl0QIp2 Subject: Re: [Thumbgps-devel] time and random numbers X-BeenThere: thumbgps-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Mar 2012 15:21:43 -0000 Hi guys, Steve Gibson, of Gibson Research Corp. knows quite a lot about random numbers and cryptography. His Security Now podcast is very useful. You might find these links and episodes interesting. https://www.grc.com/passwords.htm https://www.grc.com/securitynow.htm http://media.grc.com/sn/sn-299.mp3 - Going Random PT 1 http://media.grc.com/sn/sn-301.mp3 - Going Random PT 2 http://media.grc.com/sn/sn-143.mp3 - Yubikey One Time Password Device Steve recommends never writing your own crypto. Even he doesn't do it. He recommends using algorithms proven and tested by crypto experts. The failure of WEP encryption, which can now be cracked in under a minute, is example of the pitfalls. Sincerely, Ron On 3/10/2012 8:48 PM, Patrick Maupin wrote: > On Sat, Mar 10, 2012 at 6:07 PM, Dave Taht wrote: > >> One of my other concerns in life is the lack of quality random numbers >> for use in cryptography. >> > Worth thinking about. > > >> http://warmcat.com/_wp/whirlygig-rng/ >> > I'm not sure I would trust something like this unless I was sure the > author understood a lot of stuff about a lot of stuff, and that lots > of experts had then examined it from various aspects. There's a > growing body of literature on this. See, e.g.: > > http://www.hindawi.com/journals/ijrc/2010/879281/ > > Having said that, the board I'm envisioning could actually be used for > the quantization stage of random number generation from random events > in time such as alpha decay. > > -- (PS - If you email me and don't get a quick response, don't be concerned. I get about 300 emails per day from alternate energy mailing lists and such. I don't always see new messages very quickly. If you need a reply and have not heard from me in 1 - 2 weeks, send your message again.) Ron Frazier timekeepingdude AT c3energy.com