Question

In order to guarantee honesty of a random number generator, the idea is that users can, if they wish, verify that the number is, in fact, generated from public sources of entropy. This enables the system to assure its users that the random number could not have been selected by the server.

<?php
$entropy = "what_do_you_think";
$md5 = md5($entropy);
/*take the first 10 hex characters of the md5 hash (the original used a length of 9, which does not match the comment)*/
$hex = substr($md5, 0, 10);
/*convert the hex to decimal; note hexdec() returns a float once the value exceeds PHP_INT_MAX (32-bit builds), so 8 characters is the portable choice*/
$dec = hexdec($hex);
/*use this decimal as a seed; rand()'s output for a given seed depends on the PHP version's PRNG, so verifiers must run the same implementation*/
srand($dec);
/*pick a random number between 0 and 9, ultimately seeded by the entropy*/
$rand = rand(0,9);

My question is: What are some good public sources of entropy (preferably immutable and chaotic), and absolutely referenceable, that could be concatenated together in a string and fed into md5? Some ideas are specific stock prices, temperature (from an honest source), the hashes contained in the Bitcoin blockchain...


Solution

Check out xkcd's geohashing algorithm. I think it is pretty much what you are looking for.

http://wiki.xkcd.com/geohashing/Implementations

The geohashing algorithm uses the Dow Jones as a source of entropy. This page discusses ways to get the Dow's opening price via the web. http://wiki.xkcd.com/geohashing/Dow_Jones_Industrial_Average

But I think the best source of public, immutable, and verifiable entropy can be found in the Bitcoin transaction database. It is widely distributed and continuously verified and has a defined protocol.
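As an added example (not code from the question or from this answer, and not the xkcd project's own implementation), here is the scheme in Python rather than PHP: first the xkcd geohashing derivation this answer points to, then a generalized version of the question's md5/hexdec/srand/rand pipeline that hashes a canonical string of named public inputs with SHA-256 and reduces to the target range by rejection sampling, so the result does not depend on which PRNG a particular PHP version puts behind rand(). The date and Dow opening are the figures from the xkcd comic's own worked example; the "block hash" is a constructed placeholder, not a real Bitcoin block hash, and the function and source names are this example's own.

```python
from __future__ import annotations

import hashlib

# Constructed sample inputs. The date and Dow Jones opening are the figures from the
# xkcd comic's worked geohashing example; the block hash is a placeholder of repeated
# bytes, NOT a real Bitcoin block hash.
SAMPLE_DATE = "2005-05-26"
SAMPLE_DOW_OPEN = "10458.68"
SAMPLE_BLOCK_HASH = "00" * 4 + "ab" * 28


def geohash_offsets(day: str, dow_open: str) -> tuple[float, float]:
    """xkcd geohashing: md5("YYYY-MM-DD-<Dow opening>"), hex digest split into two
    halves, each read as a binary fraction in [0, 1) that is added to the integer
    part of the user's own latitude and longitude."""
    digest = hashlib.md5(f"{day}-{dow_open}".encode("ascii")).hexdigest()
    lat_frac = int(digest[:16], 16) / 2**64
    lon_frac = int(digest[16:], 16) / 2**64
    return lat_frac, lon_frac


def canonical_string(sources: dict[str, str]) -> str:
    """Sorted 'name=value' lines, so every verifier hashes exactly the same bytes.
    This string is what the server must publish next to the drawn number."""
    return "\n".join(f"{name}={sources[name]}" for name in sorted(sources))


def verifiable_draw(sources: dict[str, str], lo: int, hi: int) -> tuple[int, str]:
    """Integer in [lo, hi] derived from the public inputs, plus the published string.

    Replaces md5 -> hexdec -> srand/rand with SHA-256 and rejection sampling: the
    first 8 digest bytes form an integer in [0, 2**64); values at or above the
    largest multiple of the span are rejected and the hash is recomputed with a
    counter appended, so every value in the range is equally likely (no modulo
    bias) and no language-specific PRNG is involved.
    """
    if lo > hi:
        raise ValueError("empty range")
    span = hi - lo + 1
    limit = (2**64 // span) * span  # largest multiple of span that fits in 64 bits
    canonical = canonical_string(sources)
    counter = 0
    while True:
        data = f"{canonical}\ncounter={counter}".encode("utf-8")
        x = int.from_bytes(hashlib.sha256(data).digest()[:8], "big")
        if x < limit:
            return lo + x % span, canonical
        counter += 1


def verify_draw(canonical: str, lo: int, hi: int, claimed: int) -> bool:
    """What a user runs: rebuild the inputs from the published string, re-derive,
    and compare with the number the server announced."""
    sources = dict(line.split("=", 1) for line in canonical.split("\n"))
    return verifiable_draw(sources, lo, hi)[0] == claimed


if __name__ == "__main__":
    lat, lon = geohash_offsets(SAMPLE_DATE, SAMPLE_DOW_OPEN)
    print(f"geohash offsets: lat +{lat:.6f}, lon +{lon:.6f}")
    sources = {
        "date": SAMPLE_DATE,
        "dow_open": SAMPLE_DOW_OPEN,
        "btc_block": SAMPLE_BLOCK_HASH,  # constructed placeholder
    }
    value, canonical = verifiable_draw(sources, 0, 9)
    print("published inputs:\n" + canonical)
    print("draw in [0, 9]:", value, "| user re-check:", verify_draw(canonical, 0, 9, value))
```

The published canonical string is the whole audit trail: anyone can recompute the draw from it and check the quoted values against the named public sources. What the hash does not protect against is influence over the sources themselves (a miner can withhold a block whose hash it dislikes, and a price feed can be misquoted), so the inputs should be fixed and announced before they are known, and the set of sources should not be chosen by the server after the fact.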

OTHER TIPS

Get it from a physics department.

http://qrng.physik.hu-berlin.de/

http://qrng.physik.hu-berlin.de/download

or just

http://www.random.org/bytes/

that users can, if they wish, verify that the number is, in fact, generated from public sources of entropy

How do they do that?

Do you give them realtime access to the system's memory to ensure that the assembly of the program running that collects entropy is correct and not malicious?

The security value of using physical entropy is that it's unpredictable, i.e. unknown to anyone but the acquirer. What on earth would be the point of using entropy that could be available to anyone? May as well open up your printout of Pi to a million places and pick a starting point.

Quite apart from that, there is in principle no way to determine whether the random numbers a server gives you were in fact derived from the sources of entropy it apparently uses.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow