From owner-freebsd-hackers  Mon Jul 31 13: 1:34 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP id D4BC537BC22
	for <hackers@freebsd.org>; Mon, 31 Jul 2000 13:01:18 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.3) with ESMTP id WAA05926
	for <hackers@freebsd.org>; Mon, 31 Jul 2000 22:01:01 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: hackers@freebsd.org
Subject: How to make *real* random bits.
From: Poul-Henning Kamp <phk@freebsd.org>
Date: Mon, 31 Jul 2000 22:01:01 +0200
Message-ID: <5924.965073661@critter.freebsd.dk>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Ok, some people just can't leave an open end dangling (people like
me for instance :-)

I located a surplus german geiger counter cheaply [1], I have always
wanted to have one anyway, and in my junkbox I already had an old
smoke alarm [2].  The Geiger counter has a thin-walled tube which
takes about 15 events per second from the Am-241 source in the
smoke alarm.

The earphone output of the geiger counter with a 1kOhm load generates
a nice TTL level pulse which can be fed onto pin 10 of the parallel
port and timestamped with the PPS-API device ("device pps").

I think the parallel port could even power the geiger counter so that
batteries would be a non-concern.

Random bits are bits where no possible estimation of the next bit
is possible.

Entropy bits are bits which it may be possible to estimate with
a degree of uncertainty which is better than the statistical
average.

If I generate true random bits it takes 3 timestamps to get one
bit of randomness:

	T1: Time of event 1
	T2: Time of event 2
	T3: Time of event 3

	if (T2 - T1 > T3 - T2)
		return 0;
	else if (T2 - T1 < T3 - T2)
		return 1;
	else
		try again.

In my rather crude setup it produces about 5 bits per second [3].

If the goal is to only provide entropy for a RNG (like Yarrow) we
can get much more mileage from the same number events: if the
average event rate is N events per second we can get roughly

		/  T		 \
		|   timecounter  |
	log2	| -------------  |
		\       N        /
	----------------------------
		    2

bits of entropy per event, which in my case (233 MHz and 15 events
per second) gives 12 bits per event or 180 bits of entropy per second.

Not bad...

Poul-Henning


[1] At "http://www.Helmut-Singer.de/"  Called "FH40T Satz 2".

[2] Has to be an "ionization" type, otherwise it doesn't contain
    the Am-241 alpha particle source.

[3] Feel free to analyze:

begin 644 random.bin
M8E6*C@L`HFI&I:/C=-8"7J).)`QC4<H_`_3YM9W8?JB&<5,!1SZ%&48PN48E
MN]!*;VTMLK\FKH@@6QWJ6JF=01Z:V(*5C?VA_LN[47$*CDOTDMA-8T0-::2D
M`_<7L5'-&8#GGOSV%X..@&NQR"G3WV]I;"%7>UKC(T[2]+UCAN:UMZ,_3]ZY
MR=#K6QCE%H8-@34$03"$!?!PT'LQ\)>BP[61HP1$5IH"_C&F]5=;EENALI8Z
M2'W`9Q-@AQ]UD.ZBONLN['"-9(]+D'/%R:MTQ,LKS&8496,W@P$?>ZC0!@.+
MMW=LM)\61/_<_+]EU3#8F1.2X6INC$^92%'T3VJ4?O%Q$)O/\R:+'G`F/!0K
M&="/`F4AB'6["JQ]3=J%#^\&S8D>E]X-.S:_B=M<T[4!#;RK.@K>_U.*=&]Q
MXM\_JVB>HT9DEAM8+9@@4`MA[_3W:;"LCA/%W=0;5_K8(<I6E\TXD"FY*>WC
M4T";DDT,2D#E06D9>A&*FGR*6_MD#C:Z""_D#4#H-9#VC-W(X"MS50Z:R7N=
M,PW!A!$=YQ*D;P*$J$=2P4\$NYR_Y4KD[FG(OEW!U,31-N<ZM]3:B!9"?UX]
MR_X\O-C]Z&O7R-"WTSHK7!("5CU4;3AE_:5,`1Z^?@M20N^!AI\MJ'3VBP3<
MZ(>2&S^<]MGDMA?8QO#WQV\,N_IX"6,6<*BM>']?IV=$!-5ATDCJHH"AF*GW
MZR?.7.\-_LO6PQVU4+>F%)=NBV!9*ZBO(`V/66\+ZYM;(>FX5TV'.=4MHOC;
M.IU*B([(\^ILO3NE6H,PC#<PS:40CUI`'ZK)+N@$)62[/CW&'=-W0HJ9]'T0
MCJ?&D))&W?.N.`1M?&%\5ZFIBS>T0\Y<X!V!4-[[0_J+0.6+W>WBG6@H?XXE
MO\W<)$';`8KEC&LNU1DJ7E-ZDA<G^67Y.`5;D"ZJQ)#;_=L*!A+DI..GC\V6
M1V#^G;0;LH+LVON9/EO43D3=.NW_5V?8M=EX5RL3:WT6R?RL1N67].KU!;,C
M&N0QQ_E3*KH,10>T::_,FM@LPPATIH+Y69;J7BURX@3E8#34_)98)>C9;HK+
M?O3"JWA#-_Q5+@O$'M)\FY'[M61XUWZ+E*/_3WW<0(=Y^T4+H@V\3AEFE=S#
MQJ%H=OD:%@A.3(3D0>^X'K@')[HP&H!OLRG72!5E8M*>9D'QB#ZO.!UF.K9<
MPC`0.(6#S=P#2.3LV4:W=[TZPK42&)RR5`:8\4R8M#M#7,Y:V6.J`+WQ>-8$
M?$-R*K'B^*7.8VR3`+A!C*O5U0M%X>$VT!?L1A#K,L8_\`F^'SH=:(2C,MU9
M;.Q@(>4;'^0='>82?6\57>&+1/,'?%4R./'AKXJR>1Z8CCA`,#+PTS_+M?<7
MT<8Y2]4"2JVL4>#GTLBO$8O1A:IS`:+'2'>XB[%DH6;M4H+GGBV6N#\:A&>;
M:,:#T^BTD0F^=)=`A<WQ1^Z5XI*M^3/]!9[:;W?'(O=5W]GCW=7%RAF?6,A!
M"PXR$.&APB>7,NN_,T54-W-J+SN,^B,B6TMH6!QY58Q/HAY(-"*CQ;9I6`G%
MQ!'#PNSH?;DX63R<_#P,#C7:!PK.\;0%2)Q>@-*?&S"S)$@-!L1]1;*/)N,3
MB&JE:!><%O^TDY9PKUQ'Z?,A)QX)WGK7G6M5.5[I!2\/E%U7Q&6"?YE/@25R
M#WIWAGKIG*Q:`P`-J$J2`:],J?&.!'1K;XS1\&7GL/XY$7BR(?^N,/\INW%H
M0OE'_\N/FR5",5!/%'I^^X#NO"&2+24NWVUNVA.@WO^S)0@2`OKL,U8B#`4(
MR8(!D&K(<\XR00M4U/"2N>62,)\!#K@6\>+V#6Q;^?L+&+U;XBU"5=<KH+S/
MZ'$S[7W0(/^,;8/3QDP$R?"+DH2'ZEJN;E(-6IXEZL'HZL&Y44IV$YU-^PAA
M-Z]O[1]U:+7MBF(G!Y49"7RX><[X.!C#NFY,T:2E;6G<S)RE;(8I0XA?_AR%
MJYR*,H0X%@G]P,,2JO%-V2>`O&>>+H@IKOK"$/7V7_:*6E%Y#OH!'[]5&R';
M+Y&CB;()>T?(IPUV*<2<)QK<D)FUON5B4.1".\^@A_M4#FRRY2\U=*1<[7Z%
M)]\,L,U&;H08)(I";>*T&F)2*LU+T>#L:MY?,T":X7R!V!U$K\OY:9"!KK61
M=?D)PJ4#DVV9X.O(\^KC*H\:FR08-!+4(V?K:1$9'G%.TN%(GG9#S%?4P88C
MDS/>,.;H':!1/5%NV5>5/6H6*QX0U>-(-+XA,GU]AB/H#-Q?>VVW!UEY+&?<
M^9BD@;21+&]:>QLCGU/QD$+5>8RQ9$B!!:SD9UOA=;#6=*C1G#7\*_!M7'E\
M8%6XS6LN*F<(_.)T0]:F?([`VOF-&:9?KN`=XSH(KA`>.-27(2G+[2H/NG75
M>M!=N`V]S\X@SE@3@:6*75I$H1%8L(7\1BI6_(,$N56J!7J=R-4**[Y]HI!3
MN4VFY3JRK9/K"_W@S5FK$B,M?[$>_4E>T_@&-7;>'7B\5##I2,^63/WHU<C:
M`89]<;@`&>>QDUP+HK<`?A.V@;Y:;KW(:'F$.@E9Y(3)!MX)W$-G/HA+8E/O
$)&.(Z[@`
`
end

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message