DIY Random Number Generator

Compu486 writes "The guys over at Inventgeek have come up with a project and how artical on building a random number generator that is less than 100.00 utilizing radioactive decay. Using some Linux based open source apps and with a little ingenuity and some parts you probably have laying around your house you can build your own."

Typos

[fatwreckfan]

I think it should read:

and how to article on...

And I have to wonder...that is less than 100.00 what?

Re:Typos

[Funkcikle]

The "article" was clearly written by a Random English Generator, powered by tritium and chapstick.

Re:Typos

[also-rr]

And I have to wonder...that is less than 100.00 what?

Fear not comrade, it's all part of the move to make Slashdot less US centric - this way, rather than just having foreigners confused about how much things cost, everyone gets to be confused about how much things cost.

Re:Typos

[dpninerSLASH]

I have to jump on the wagon here as well.

How long would it really take to edit each post before submitting it for public consumption? Slashdot is now one arm of OSTG, and as such their content should be held to the same standards as any other "official" publication.

And please, folks, don't take the easy way out with a generic "slashdot omelet" response: It's the varying points of view that make this site not interesting, not the various manglings of the English language.

Truthfully.

Re:Typos

[espressojim]

It's the varying points of view that make this site not interesting, not the various manglings of the English language.

Would the site having one single point of view make it more interesting to you? Or is this satire?

Re:Typos

[Just Some Guy]

I actually inserted a "percent" after 100.00, and was trying to figure out why an RNG using less than 100% atomic decay was so nifty.

Re:Typos

[azav]

Ya, I really wish we had a spelling checker for Slashdot and that the editors would actually spell check the articles they post.

If you're going to attempt to be viewed as a professional, it helps to be able to pass 5th grade English.

Cheers,

Come on, it's Taco

[blueZ3]

Notorious throughout the slashdot community for malapropisms and misspellings.

Funny thing is, I read an interview with Rob where he said he's currently using a Mac. As far as I know, all recent Macs have the option of turning on spell checking across the OS -- so for instance, typing this on my Powerbook I see red underlines under misspelled words in the "Comment" text box on the submission page. Which means that he's either too lazy to turn this feature on -- or worse, too lazy to try and correct misspellings and typos that are already clearly marked.

Re:Typos

[GigsVT]

This $?

Re:Typos

[larry bagina]

In 1999, when Andover bought slashdot, they paid him a salary of $90,000 (with a 3-year employment contract). That doesn't include the $1.5 million paid for /. or the $3.5 million in stock grants.

I did this in highschool

[Anonymous Coward]

I hooked up a geiger counter to an old school analog game port.

I had a simple C program that just spun between 0 and 255, and when a signal came across the game port it would record the current number.

run that through a hash function of your choice and it worked great.

dont cpus today have some noise generators built into them though?

Re:I did this in highschool

[MustardMan]

Yeah, but I bet you were capable of writing a comprehensible summary of the whole setup when you were in high school

Re:I did this in highschool

[Linker3000]

The Commodore 64 had an analogue white noise generator in the SID ship and its value could be read via a port. Simple.

Re:I did this in highschool

[russ1337]

Even more simple would be hash some posts here on /.

There are some pretty fricken random posts.

Re:I did this in highschool

[CTalkobt]

>> Even more simple would be hash some posts here on /.
>>
>> There are some pretty fricken random posts

Uh, actually no - you're almost always guarentted the following:

1) First Post in the 2nd message. (The first post usually has nothing to do with the article as the person never read it).
2) The 1, 2, 3, 4) Profit?? posts.
3) Natalie Portman and Grits.
4) (Old School) GoatSe posts.
5) Spwelling und Grammmer Misteaks
6) In my day we did it with a 1 bit computer that had 1 value posts.

Nope - Slash

Re:I did this in highschool

[VanessaE]

The "random" generator in the C64, at least the one you refer to, was an all-digital shift-and-drop-bits algorithm used by the SID chip's three noise generators, and is accessed by reading the "voice 3 oscillator" register while voice 3 is set to produce noise (the audio from this voice can be silenced if desired, without affecting the algorithm). The algorithm cycles periodically and, if memory serves, can be reset manually if desired. There is no analog component to the noise generator algorithm.

A go

I did this in elementary school

[vishbar]

Granted, the setup was simpler and it required a bit of trust from all participants, but I've had a home-made random number generator [wikimedia.org] for years now.

Re:I did this in highschool

[MustardMan]

And if YOU knew a bit of just slightly more advanced physics, you'd realize that radiation obeys conservation of momentum, just like everything else. It's very very easy to demonstrate direct correlation between radiation spikes measured when the detectors are the same distance from a sample, but 180 degrees apart. I did this in a sophomore lab in college with some equipment that looked like it was older than I was.

Re:I did this in highschool

[Bromskloss]

And if YOU knew a bit of just slightly more advanced physics, you'd realize that radiation obeys conservation of momentum, just like everything else. It's very very easy to demonstrate direct correlation between radiation spikes measured when the detectors are the same distance from a sample, but 180 degrees apart.

I'm not quite clear on how you say you are placing the detectors. In any case I think we are talking about detecting single particles here. That is, if a particle is is detected in one detector,

Re:I did this in highschool

[MustardMan]

Not quite right, but It's a moot point - I was thinking about the wrong type of radiation. In the case of positron/electron annihilation, which occurs during the decay of, say, sodium-22 (if memory serves), there is no particle left behind - thus, to conserve momentum, there must be two photons which are emitted in opposite directions. If the two dectors are in a straight line with the sample in the middle, they will detect events at the same time. However, that isn't the case here, as the radiation in q

Re:Coincidence photons are from positron decay...

[MustardMan]

You're half right... the experiment in question was indeed positron decay... BUT it was completely a result of momentum conservation. There is no particle left behind so the momentum has to be carried away in a pair of photons, and not a single one.

You're also right that this doesn't apply to aplha decay, because momentum is conserved via the slight recoil in the nucleus - that was a brain fart on my part remembering which type of radiation we're dealing with here.

What you are COMPLETELY FUCKING WRONG abou

Editors?

[AntsInMyPants]

I know the English may not be the submitter's first language, but it would be nice if the editors....um, you know....*edited* the piece so it made sense.

Michael (Who now sits back and waits for people to pounce on my spelling/grammatical mistakes)

Re:Editors?

[WilliamSChips]

"I know the English"--WRONG.
"I know that English"--RIGHT.
Hey, you asked for it!

You did, as well.

[Elemenope]

If you parse the original sentence, it is still technically correct (if a little odd); we often do not use the definite article 'the' to describe something like a language, but it is implicit, especially when making normative standards, that there is a definite object to compare. 'The English' refers to an objective standard; whether such an object even exists is another matter not even vaguely related to the question at hand, and irrelevant, since properly constructed statements may refer to virtual or non-sensical subject matter and still be syntactically well-formed. Interestingly, the difference between "the" and "that", while substantially changing the structure of the sentence, does not much change its content; it basically means the same thing!

Re:You did, as well.

[monoqlith]

Examples:

I have some bad news: you have a scorching case of the syphilis.
-OR-
My bloog sugar is getting high, so I have to watch out for the diabetes.

Re:You did, as well.

[Jonner]

Wow, I thought I was picky about precise language, but you are a grammar Nazi of exceptional eloquence.

Re:You did, as well.

[StikyPad]

Eloquence is technically a characteristic of speech, not writing.

Re:Editors?

[sumdumass]

Doesn't

I know the english language may not be the submitter's first language,

work too?

I guess the question might be; did leaving the understood laguage part out have anything with the thinking that "that" should have replaced "the". or could they have both worked?

Re:Editors?

[Ithika]

Strangely enough you wouldn't be able to make that claim about Gaelic though: the accepted way of talking about someone who knows that language is "having the Gaelic":

• Do you have the Gaelic?
• He has the Gaelic
• How many people have the Gaelic in the whole of Scotland?

More difficult Rnd() generator

[LiquidCoooled]

I once collected loads of old broken smoke detectors and ripped out the small cell of americium from each of them.
I placed them into a big ball wrapped in tinfoil (shiney side in), then used my fathers' geiger counter to supply random numbers.

Its been working well, I've been counting the number of years its been running on my fingers, so far I've got to 13.

*note, this is totally false, but there was some stupid kid who did something similar.

Re:More difficult Rnd() generator

[Anthem.uxp]

The Radioactive Boy Scout

http://www.dangerouslaboratories.org/radscout.html [dangerousl...tories.org]
http://en.wikipedia.org/wiki/David_Hahn [wikipedia.org]

Re:More difficult Rnd() generator

[ChairmanMeow]

You've got 13 fingers now?! For Christs's sake, throw that thing away. It's not safe!

Perhaps he's counting in binary on his fingers, in which case he only needs one hand.

Re:More difficult Rnd() generator

[YU Nicks NE Way]

Where'd the "3" come from if he's counting in binary? Did you pick a non-standard numeral set?

Old-school

[amliebsch]

Whatever happened to just mashing your fists on the keyboard?

Re:Old-school

[Quila]

Not very random, as your fists may tend to fall in certain places when statistically analyzed.

Re:Old-school

[antifoidulus]

What if you pound your head on the keyboard instead? Or, *shudder* your butt?

Re:Old-school

[StikyPad]

Then the probability of pressing any given key would quickly approach 100%.

Re:Old-school

[Jerf]

Yes, but the programs that use this don't use just the key distribution. First, they also use the time the keystrokes occur, which is reasonably random.

Second, you can measure "how random" something is (for suitable definitions of "random") by measuring its "entropy", which is a measure of how many "random" bits is in a given input. The entropy of English text is 1.1 to 1.6 bits per character [wikipedia.org], which means to safely obtain a 128 bit key from a bit of English text you need almost as many characters as you want bits. "Smashing on the keyboard's" randomness will probably vary even more, from perhaps as low as ~.5 if you smash poorly to 2.5-3 if you smash "randomly", but you also get the entropy from the timing information, which if you use a very-high-resolution clock contributes several bits itself.

So, basically, this "statistical analysis" problem is extremely well known, and very well quantified, down to the fractional number of bits of randomness that you can extract from a bit of text. Since these fractional bits can just be added together (four "English text characters" at 1.5 bits apiece gives you 6 strongly-"random" bits), the solution turns out to be very simple: Smash on the keyboard longer, until you've got at least as much entropy as you have bits. Voila, a strongly-random key suitable for almost all purposes. (It probably is suitable for all purposes, but taking a key from radioactive decay has the advantage of letting you know the key is random, whereas with this technique you can only be "very, very, very sure".)

Handled properly, it's not a problem.

Many, if not most, modern systems will also maintain an "entropy pool" at the OS level, which uses interrupt timings and other such events to feed the pool, which can then be drawn on by programs in lieu of reading the keyboard directly. This works nicely, and among the inputs used is keyboard and mouse events.

The nice thing about the entropy pool is the input can really come from anywhere. It doesn't have to be totally random to contribute, it just can't be totally predictable.

Re:Old-school

[Atzanteol]

I think that's what the submitter did while summarizing the article...

Not as geek but safer

[click2005]

This project seems to work well... http://www.lavarnd.org/ [lavarnd.org]

Re:Not as geek but safer

[Kazymyr]

To: All Employees
From: Executive Management
Date: Sun Aug 13 09:33:39 2006
Subject: Important Announcement

Surely, we can conclude that the technological method of empowerment indicates that the dialogue dramatically blows them away. We are ahead of the the product lines curve. I think that the paradigms impact the multimedia based ke

I used a photo of smoke over Beirut as the source

[wsanders]

and it repeated itself after 400 iterations.

Here's the money graph

[patio11]

>>
  One of the applications I have envisioned for this project is a cheap and easy genuine random number generator. True random numbers in computing are nearly impossible, and successful solutions are very expensive systems based on radioactive decay or atmospheric measurements, for example. Using a small / relatively safe radioactive source and a high res CCD or CMOS sensor and assigning a value to each pixel and perhaps mixing in an algorithm or two with an inexpensive practical PCI card that is capable of generating genuine random numbers. Applications that could greatly benefit from this would be encryption, security applications, Computer AI and the Gambling establishment to name a few.
>>

Actually, no, none of these really benefit from "truly random numbers". The applicability of randomness to AI is... spurious at best? For gambling, you just have to be reasonably sure that someone can't predict in advance what your random sequence is going to be, and the Mersenne Twister plus any unknown piece of data as a seed is good enough at resisting everything our current understanding of mathematics can throw at it. (Yes, thats security through obscurity... in the same way that hiding your server behind locked doors, a firewall, and a secure password is security through obscurity. Its both necessary and sufficient.)

Encryption, similarly, would not benefit from transitioning from an "almost perfect" pseudo-random generator to a "perfect" random generator. For your security to fall based on random numbers, someone needs to be able to not just come up with a theoretical imperfection (ahah, 200 million runs of this random number generator and you'll notice it slightly skews away from these five integers!) but have to crack it wide open. Yay, yawn.

Now, radiation + poorly understood mathematics = geek high, I know. But in terms of practical application this gets a near zero.

Clarification regarding Twister

[patio11]

P.S. Clarification: if you're using the Mersenne Twister in a *real life* application that plus a seed value is good enough for a gambling application. For example, if you're generating nice big integers and then taking %6 to get the value of a die or using them to shuffle one or ten or a hundred decks of cards. If, on the other hand, you have some contrived game where you are passing the output directly to the player and continue in the same sequence for a rather improbably long time a player could figure out what sequence the Twister was on and then successfully predict all numbers in advance. But this is one of those earn-you-bonus-points-with-your-CS-professor-and-n ever-use-again pieces of trivia, because in the real world you have to basically design the system to fail for it to fail in this manner.

Wrong. Encryption is a valid application.

[njdj]

Actually, no, none of these really benefit from "truly random numbers"

A random number generator is the best way to generate good cryptographic keys. Pseudo-random numbers are not good enough, in fact that is the commonest kind of "snake oil" in the encryption world. See Bruce Schneier's site [schneier.com] for examples.

A very long random sequence can be used as a one-time pad, giving completely unbreakable encryption if the sequence is truly random.

Re:Wrong. Encryption is a valid application.

[kestasjk]

1) The problem with one time pads isn't generating random text to XOR with, it's getting that text from A to B without relying on weaker crypto.

2) Pseudo-random number generators (with a sufficiently random seed) aren't good enough? Then maybe you'll be able to tell me what comes next after this base64 encoded output of the /dev/urandom implementation on FreeBSD:

QPoiNHKXSHYGks3IreT4sGsZgnBTdLEt6OknLOoePAmAjNof yJtbv7Jgl0KOdIqjmUwXiBzOWGaT HCJZaPGdcyVKtQk6nRGej5explzMc/GDNk1AnyDdtPP+talfMT lMjI7AThTRprNd

Re:Wrong. Encryption is a valid application.

[tangent3]

I'm not sure about how /dev/urandom works on FreeBSD, but on Linux it's not a pure PRNG. /dev/urandom on Linux grabs entropy from /dev/random (which is a true RNG) and reverts to using PRNG when it's out of entropy.

Not practical?

[twitter]

the Mersenne Twister plus any unknown piece of data as a seed is good enough at resisting everything our current understanding of mathematics can throw at it. ... [blah blah blah] ... in terms of practical application this gets a near zero.

Oh, so you would not want to have an $85 seed generator would you? If 1.3 million possible combinations are not good enough for you, you could always combine more hits to get any resolution you wanted. Then you feed that back into your twister [umich.edu] or whatever. This el

Re:Here's the money graph

[maird]

Intel has had the same thing on its chipsets for many years, i.e. an I/O device rather than a CPU instruction. IIRC, it takes around 5ms per bit. On the subject of the practical utility of the "invention", does the author now have an excellent source of one time pads for encryption? That knock at the door is the NSA or the CIA, start the fire now.

Re:Here's the money graph

[khallow]

But as I recall, these Monte-Carlo methods also on occasion found flaws with various pseudo-random generators. An obvious compromise is to use a large but storable amount of true random numbers as a seed to a big pseudo-random generator. I assume this is often done.

A second problem is the speed of random number generation. It is always substantially behind the speed of pseudo-random generators in use, often by several orders of magnitude compared to the quick and dirty generators, I think.

Re:Here's the money graph

[asuffield]

The author is almost certainly referring to that, and it's bogus. There are pseudo-random number generators (L'Ecuyer's Tausworthe generators are commonly used ones) which have been proven to be as good as you can get for such statistical purposes, in that given a sequence of random numbers from that generator, you cannot tell what generator it came from or otherwise distinguish it from 'true' entropy. Given the knowledge of the generator algorithm and a sufficiently long sequence from it, you can determine

Why not using a live webcam?

[G3ckoG33k]

Why not use a live webcam? Select a number of pixels as source, label them as you wish and start compute. I mean, incoming photons ought to be fairly random too.

Re:Why not using a live webcam?

[amliebsch]

This has actually been done, using the fluctuations of lava lamps as a photon seed. http://www.lavarnd.org/ [lavarnd.org]

Pretty cool, but

[vadim_t]

For a practical solution, I'd just get a VIA Nehemiah CPU. The later ones have an embedded RNG, and do AES at truly amazing speeds. The actual CPU performance is quite bad compared to pretty much anything else, but it makes a nice quiet box if you don't need vast amounts of CPU power.

And besides, why the emphasis on shielding the camera? You'd think that for a RNG interference is good as it adds more randomness.

Re:Pretty cool, but

[aXis100]

That depends if the interference is random.

I can think of lots of non-random interference sources - Mains 50Hz, CPU Clock, USB Clock, other data signal on the USB cable, etc.

Re:Pretty cool, but

[Anti_Climax]

Don't downgrade your CPU for a thermal noise based RNG. Just drop one of these [idquantique.com] in your machine of choice and enjoy the Quantum derived random numbers :-D

Re:Pretty cool, but

[vadim_t]

I just googled around, and while no price seems to be quoted on the page, a posting in a newsgroup mentions this thing costing $1200. Right. For that price I can get the VIA board, plus a full upgrade to my computer. And my Tyan Tiger MPX which cost about $250 contains a RNG as well.

units

[Digitus1337]

Less than 100.00! I've waited at least the past 8 for something like this!

Re:units

[Gnavpot]

Less than 100.00! I've waited at least the past 8 for something like this!

You should buy more than one. I have heard that they only last 1½-2.

I seem to remember

[npcompleat]

There was a study done that asked a group of people to come up with a string of random ones and zeros. Unsurprisingly, after statistical analysis, they weren't very good. But the fantastic bit was to ask another group to pair off and for each of them to try to outguess the other: let your opponent see your string of ones and zeros so far and then try to make the next bit the opposite to the one they are likely to pick. Amazingly, these random strings were impressively more random. Perhaps we've evolved special pseudo-random number generators to allow us to be sneaky.

[I know, a reference would have been nice, but age does terrible things to your internal bibtex database]

Re:I seem to remember

[gardyloo]

This was referenced in the book Complexity by Waldorf. At least in that context, it was about a competition among computer programs and genetic algorithms. It may also have shown up in Hofstadter's Fluid Concepts and Creative Analogies. Of course, it may have been done far earlier than the mid-80's, but those are the two books I'd look at first.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:cheap alternatives

[khallow]

One thing appealing about the radioactive method for generating random numbers is that it's inherently tied to quantum processes. This is thought to be more likely to be nondeterministic than methods dependent on classical sources of randomness. So audio entropy in particular is classical. The video entropy is partly dependent on classical entropy. Additional problems are that you may need to worry about subtle correlations in your random noise source. A simple architecture with an almost truly random sourc

Another approach

[FlyByPC]

John Walker, of Autodesk fame, did a similar project [fourmilab.ch], although with a simpler count-the-clicks approach. I copied it using an off-the-shelf Geiger counter and a piece of Autunite; it works well.

No analysis?

[rotenberry]

This is a well done hardware project, but there was no analysis demonstrating that he could generate random numbers using this hardware.

For example, see

http://en.wikipedia.org/wiki/Pseudorandom_number_g enerator [wikipedia.org]

http://www.phy.duke.edu/~rgb/General/rand_rate.php [duke.edu]

http://www.findarticles.com/p/articles/mi_qa3742/i s_200201/ai_n9046353 [findarticles.com]

Typically silly

[m.dillon]

Randomness exists in nature all over the place. In fact, in every single atom, simply because we are not living in a world that is anywhere near a temperature of absolute zero. A johnson noise generator costs a few cents. In analog electronics, keeping randomness *OUT* is actually the harder problem.

Frankly, you don't need all that much true randomness to generate random numbers. You just need to be able to continuously seed a CSPNG from a random source, and not even at a very high rate. A few bits a second is plenty.

Move along,

-Matt

Re:Typically silly

[bitrex]

For anyone interested in doing some experimenting, an NPN transistor connected to a power-supply through a large resistor, with its emitter and base connected to ground makes a great johnston noise source. Take the ouptput from the collector, amplify with an op amp and low-pass filter it, and feed it to an A/D converter and you've got a good starting point for experimentation.

We use /dev/urandom

[the_duke_of_hazzard]

It's good enough to have been passed by all the regulators and is used by our online gaming systems.

Don't try this at home, folks!

[iansmith]

A few things of note about dealing with smoke detector sources.

First, removing the source from a smoke detector is illegal in the US. I'm not aware of anyone being put in jail for doing it, but with the state of affairs currently I would not go posting the fact that you did it all over the internet.

Second, those sources can be very dangerous if mishandled. The source is coated in a THIN layer of gold and/or silver.. only a few atoms thick. If you touch it with anything you will break the seal and contaminate the object. If you then happen to touch it, you have a good chance of ingesting or inhaling it. This is bad. Am-231 is what is called a bone-seeker. It will be used in new bone growth and eventually kill you by causing bone tumors and other cancers.

Now with a little care you can be pretty safe, but the article in question should have been a little more explict about the dangers involved here.

Why does Inventgeek hate our freedom?

[FatSean]

If we cannot show the government that we are responsible enough to use our smoke detectors in a safe manner, they will take them away from us!

Re:Why does Inventgeek hate our freedom?

[mark-t]

Nah... the Fire Department wouldn't let them unless there was an alternative.

Re:Why does Inventgeek hate our freedom?

[iggymanz]

they don't behave the same way as the ionic ones, the types of fire you expect to warn against should be your guide as to the type of detector to get. The ionization detectors are most sensitive to small smoke particles, and the photoelectic ones to large particulates.

Nitpicking correction

[Anonymous Coward]

Am-231 is what is called a bone-seeker

The isotope used in smoke detectors is Am-241, not Am-231. Am-231 is too unstable to be listed in standard isotope tables.

Of course, all isotopes of Americium are bone-seekers, so your point remains valid, though I find it a bit nannying. The quantity of Am-241 in a smoke detector is really minute.

Re:Don't try this at home, folks!

[cdrguru]

There was not too long ago someone in the Detroit area that assembled a great number of the innards of smoke detectors. He was trying to build something, I forget what. The net effect was that his adventure with smoke detectors required a NEST team to come in and clean up. It was not a trivial matter.

He also managed to get his hands on some other radiation sources as well, so it wasn't just some smoke detectors. However, smoke detectors are nothing to fool around with disassembling.

Re:Don't try this at home, folks!

[iansmith]

Yes, that was David Hahn [amazon.com] who used quite a bit of social engineering to get information and equipment to build his own little breeder reactor in his mothers garden shed. A very interesting story. Lots of writeups all over the web.

Re:Don't try this at home, folks!

[John Hasler]

He didn't build any sort of reactor.

Re:Don't try this at home, folks!

[khallow]

Elaborate please. I find that the slashdot crowd doesn't like bald statement of fact. Especially when the statement is wrong.

Re:Don't try this at home, folks!

[hr raattgift]

On the contrary, he had assembled the pieces of a small and subcritical but reasonably efficient 232Th-fuel-cycle reactor that was happily, if slowly, breeding 233U.

With some attention to geometry, which is suggested by his parcelling of ash, his 232Th had a reasonable probability of capturing slow neutrons from his small emitter, becoming 233Th, which quickly beta decays into 233Pa which in some days beta decays into 233U . His neutron spectrum was sufficiently fast that more 233U fission than actinide pr

Re:Don't try this at home, folks!

[John Hasler]

> I forget what. The net effect was that his adventure with smoke detectors
> required a NEST team to come in and clean up.

It got such a team. Whether it required one is another question entirely.

Give Him a Break

[justinchudgar]

From the article, it seems that he was creating something to satisfy his personal curiosity. He put together a good simple plan and actually made it work. That is interesting, fun, and admirable. I did not get the feeling that he set out to save the world from pseudo-randomness; as many have noted, it does not need saving. If he made some over-enthusiastic claims about the utility of his creation, who cares, he made it and it works; and, that is cool. Now, if next week, he starts hawking them at $250.00 ea

Radiation/Science/Geek combo

[ElephanTS]

There seems to some possiblity for the creation of a superhero here. Wonder what his ability would be?

Is radioactive decay really random?

[dpbsmith]

For the better part of a century, radioactive decay is what scientists always use when they want to invoke a natural process that is "random." But is radioactive decay really random... that is, are there, say, well-established quantum-mechanical equations that predict this? Or is it merely chaotic, or not known to be predictable... like the popping of kernels of popcorn in a microwave, or, for that matter, the spins of a roulette wheel?

Re:Is radioactive decay really random?

[John Hasler]

> But is radioactive decay really random...

Yes.

Re:Is radioactive decay really random?

[ArbitraryConstant]

For the better part of a century, radioactive decay is what scientists always use when they want to invoke a natural process that is "random." But is radioactive decay really random... that is, are there, say, well-established quantum-mechanical equations that predict this?

The decay of an atom is a fundementally probability-driven process. You can predict the half-life of a material on a large scale, but it is impossible to predict the decay of an individual atom. And, every signal received by your detector

don't need radiation

[roman_mir]

You don't need radiation to make a randomizer from a camera. How about pointing the camera out of a window at a road. The cars, the people and other objects (birds) will move around supplying you with random data. Or you could have a transparent plastic box full of mosquitos or flies and point the camera at that ;)

How about using a soundcard and ambient noise? Or you could use an AM radio receiver for static noise. There are plenty of other sources of randomness.

Re:don't need radiation

[gr8dude]

Hmm, but if I know that the camera is pointed to the road, I can bias your randomizer by driving the same car on the same path, at regular intervals; or by placing an object near the camera (taking up most of the picture, thus minimizing the impact of the truly random objects in the picture).

Re:don't need radiation

[roman_mir]

light reflected from the cars will always be different.

Re:don't need radiation

[roman_mir]

so how are you supposed to control the traffic on the street or ambient noise or a box of flies?

True random number from random.org

[objekt]

http://www.random.org/cgi-bin/randnum?num=1&min=1& max=100&col=1 [random.org]

The internal version is a bad idea

[chriso11]

I don't recommend the internal PCI version - you shouldn't place a gamma emmitter (yes, for the pedantic, Am241 is PRIMARILY an alpha emmitter) inside your case. You will be increasing the odds of a memory bit flip or such.

Wet Hot American Summer

[blake213]

No dungeon master worth his weight in geldings goes anywhere without his... twenty-sided die!

A simple 1/ megabit/sec generator for cryptography

[smilindog2000]

I put together a simple random number generator in the late '90s using avalanche noise from the reverse break-down of a cheap transistor's emitter/base junction. I amplified it with a simple supply noise insensitive 4-transistor amplifier, and pushed it through an 8-bit 40 megabit/sec Analog Devices A/D converter. I xor-ed 80 samples together, while rotating bits in between samples. I used a $3 Lattice PLD to interface the board to an old PCs ISA bus.

I generated a CD full of random data, which anyone is willing to have if they want it. I've tested it against the "Die Hard" tests, and almost all the 10-meg files pass. There is one test that failed now and then, so I contacted the statistics professor who wrote it. I showed him that his own random number generator, thought to be nearly foolproof, failed the same test with the same probability. It seems I found a bug in his program!

Total cost for components is $10. Anyone who is interested can have schematics for free. Contact me at bill@billrocks.org.

The theory behind it is simple... who cares if the bits from the source are completely random? It turns out you just need a LITTLE true randomness from the source. By xoring bits together that have some randomness, you quickly approach truly random. By my estimate, only God would ever know the difference for the data I generated from perfectly random data, since the board could generate data for billions of years before accumulating even one bit of non-random data in it's output.

Mathematical proof:

Two semi-random bits b1 and b2 each contain small amounts of
non-random noise which we can call d1 and d2. Note that d1 and d2 can
be correlated, and usually are. The notation P(expression) means the
probability that the expression will be 1.

I define P(b1) and P(b2) as:

P(b1) = 0.5 + d1
P(b2) = 0.5 + d2

Both d1 and d2 have a range of -0.5 to 0.5. Xoring b1 and b2 together gives:

P(b1 ^ b2) = P(b1 & !b2) + P(!b1 & b2) = P(b1)*P(!b2) + P(!b1)*P(b2)
= (0.5 + d1)*(0.5 - d2) + (0.5 - d1)*(0.5 + d2)
= 0.25 - 0.5*d2 + 0.5*d1 - d1*d2 + 0.25 + 0.5*d2 - 0.5*d1 - d1*d2
= 0.5 - 2*d1*d2

Squaring a small number makes it very small indeed. If d1 and d2 are
already 0.01, then xoring b1 and b2 together results in a random bit
noise level 0.0002. This leads to the following equation for the
amount of non-random noise defined as n(bits) given the number of bits
in the xor sum:

n(1) = d
n(2) = 2*n(1)^2 = 2*d^2
n(4) = 2*n(2)^2 = 2*(2*d^2)^2 = 2^3*d^4
n(8) = 2*n(4)^2 = 2*(2^3*d^4)^2 = 2^7*d^8 ...
n(i) = 2^(i-1)*d^i = .5*2^i*d^i = .5*(2*d)^i

Here's how you can use this equation. Lets say you believe you have
non-random noise levels of no more than d. You want the noise level
to be less than N. We want to compute the number of bits needed, i:

N = n(i) = .5*(2*d)^i
2*N = (2*d)^i
log(2*N) = i*log(2*d)
i = log(2*N)/log(2*d)

So, for example, if you feel your non-randomness per bit is less than 10%,
but you need less than 1 part per billion, we compute the number of bits
needed in the xor-sum:

i = log(2*10^-9)/log(2*.1) = 12.5

In other words, just xor together at least 13 bits.

Re:A simple 1/ megabit/sec generator for cryptogra

[strikethree]

I generated a CD full of random data, which anyone is willing to have if they want it.

640 megabytes is a little much for my connection to handle right now. Could you compress it and send it to me please? :P

strike

Silly...

[rthille]

I just use a female-mood-detector. That's _my_ source of high-grade randomness.

Atmospheric noise...

[Assmasher]

...in certain bands aggregates as totally random. Use that. You know how Madam Curie died, don't you? ;)

Re:Atmospheric noise...

[Assmasher]

X-rays are a form of radiation, but I was under the impression that her direct experimentation (not sure at what stage) with radiological materials was the most likely cause of her untimely death.

apparently

[frieko]

IIRC Random.org [random.org] just uses a soundcard and a radio tuned in between channels and collects atmospheric noise. Sounds much simpler/safer.

Re:apparently

[John Hasler]

> ...a soundcard and a radio tuned in between channels and collects atmospheric
> noise.

Depends on what you are using the random numbers for. An opponent could transmit known patterns on that frequency, or the vagaries of radio propagation could replace the noise with a station.

> Sounds much simpler...

Simpler is a noise diode and a comparator. Sticking the americurium to the diode might up its output a bit.

> ...safer.

There is no significant risk.

Re:Natural Language - Integer Value

[amliebsch]

Even more impressive is its automatic units conversion. 100 volts / 200 milliamps [google.com]

Re:Europe

[rkww]

Huh? Ionization smoke detector [safelincs.co.uk]