I think what's so attractive about the RTL-SDR devices is that they're so cheap and have such a huge variety of applications.
With a $10 dongle, you can go from tracking airplanes, to reading your wireless electric meter, to listening to local amateur radio, and then to an additional entropy source.
I double I'll ever get tired of playing with this little radio.
one of the dangers of the RTL entropy source project is not that it is predictable, but that it can be made to become predictable. By determining the frequency the device is listening on, you could inject a signal over the air that causes the entropy to conform to a known pattern. Even Lavarand users blend their entropy sources.
Ive used the RTL as a blended entropy source for my kubernetes pi cluster project, but blended it with signal data from the open source FST-01 from the flying stone project. this in turn gets randomly audited by dieharder. http://webhome.phy.duke.edu/~rgb/General/dieharder.php
My RTL entropy generator changes frequencies every 6 hours to a frequency determined by a script referencing /dev/urandom.
> If you're serious about the cryptographic security of your entropy source, you should probably short, or put a 75 Ohm load on the antenna port, and put the whole assembly in a shielded box. Then you're getting entropy from the thermal noise of the amplifiers which is much harder to interfere with than atmospheric radio.
My company sponsored some enhancements to this project several years ago and I blogged about it back then (without much interest).
I still think it's a great effort but as others have pointed out here it shouldn't be your only source of entropy and I'd feel a lot better about it if it were properly reviewed/hammered on.
Still, it's really cool to randomly see the project front page on HN years later!
I've seen enough of these discussions to be able to parrot back to you some of the usual responses. Basically, say that you point your webcam at a perfectly black sheet (0x000000 in color). Will you get any actual entropy from this? No.
Now say you point your webcam at the night sky. On a clear night, I will more or less know what your camera is looking at, and will be able to to narrow down the huge field of possible values presented by sha256 to a much smaller set of possibilities. Knowing when you generated your private key and your method of getting entropy, I will be able to crack your key much easier (doesn't mean easy, just many orders of magnitude easier).
Now, say you point your webcam at a lava lamp, or the display showing characteristics of some quantum process, or something else provably random. Here I can't really tell wtf your camera is looking at. I can of course go and slide that black sheet in front of your camera for a bit. Or stand in front of it. But if you physically secure your camera, then yeah you are doing something right (though of course not everything, as it's quite possible that something in your algorithm is in fact reducing your possible output to only some subset of possible values produced by sha256).
It's the same thing with radio. If you tune it to a signal that's producing a sine wave with a stable frequency... I know exactly what your input is. If you tune it to something like the BBC, I know exactly what your input is, even with some noise. If you tune it to something really random, can I just put a very strong transmitter near your receiver and overwhelm the spectrum such that you are listening to only my signal? And the best part is that you won't know that this is happening even more than with a webcam.
Personally, I wouldn't really want to trust these devices. They are fun. but they aren't practical for this purpose. Where you need real entropy is a data center. And a data center won't be receiving too much radio.
Again, parroting every other thread about this, a reverse biased transistor will give you true quantum randomness which is very cheap, very easy to produce, and is difficult to temper with at a distance without disrupting the rest of your equipment too.
Again, you don't need as much entropy as you think. Your kernel will seed a CSPRNG with a tiny bit of entropy, which is enough to keep you safe for eons after that. You can't "run out" of entropy with that scheme. The biggest issue is to initialize the random number generator with true entropy before you start using it, which is only difficult if you are running virtual machines and the host doesn't provide entropy to it. I believe at least in some schemes the seed used is based on time or some such predictable factor, which doesn't help.
This is an interesting project and I've played with it in the past.
Note, however, you should not use this for any real purpose. I saw a video on Youtube a while back of the author presenting this (at a LUG meeting or some such) and even he warns against using it for any real purpose.
So play around with it, hack on it, etc., but do not, by any means, incorporate this into any process that requires actual entropy for cryptographic purposes.
Von Neumann debiasing is well known, but I was unable to find a reference for Kaminsky debiasing . Can anyone point me to a description of what that is?
I have used youtube-dl with video_entropyd on a newly created DO server. Could be a nice alternative for anyone who hasn't physical access to their server to install such a dongle.
Putting it in a box (what they suggest as an alternative) is better, and you don't need the RTL for that. The whole point is to take as local a measurement as you can.
[+] [-] tomswartz07|8 years ago|reply
With a $10 dongle, you can go from tracking airplanes, to reading your wireless electric meter, to listening to local amateur radio, and then to an additional entropy source.
I double I'll ever get tired of playing with this little radio.
[+] [-] nimbius|8 years ago|reply
Ive used the RTL as a blended entropy source for my kubernetes pi cluster project, but blended it with signal data from the open source FST-01 from the flying stone project. this in turn gets randomly audited by dieharder. http://webhome.phy.duke.edu/~rgb/General/dieharder.php
My RTL entropy generator changes frequencies every 6 hours to a frequency determined by a script referencing /dev/urandom.
[+] [-] amelius|8 years ago|reply
> If you're serious about the cryptographic security of your entropy source, you should probably short, or put a 75 Ohm load on the antenna port, and put the whole assembly in a shielded box. Then you're getting entropy from the thermal noise of the amplifiers which is much harder to interfere with than atmospheric radio.
[+] [-] vvanders|8 years ago|reply
Or you could randomize it, the RTL has a pretty wide receive range.
[+] [-] kkielhofner|8 years ago|reply
I still think it's a great effort but as others have pointed out here it shouldn't be your only source of entropy and I'd feel a lot better about it if it were properly reviewed/hammered on.
Still, it's really cool to randomly see the project front page on HN years later!
[+] [-] Tomte|8 years ago|reply
There are all kinds of conceivable failure modes that software cannot detect, let alone handle.
Statistic tests are good, but only of limited use.
[+] [-] mitchellberry|8 years ago|reply
[+] [-] bloopernova|8 years ago|reply
[+] [-] VMG|8 years ago|reply
[+] [-] IgorPartola|8 years ago|reply
I've seen enough of these discussions to be able to parrot back to you some of the usual responses. Basically, say that you point your webcam at a perfectly black sheet (0x000000 in color). Will you get any actual entropy from this? No.
Now say you point your webcam at the night sky. On a clear night, I will more or less know what your camera is looking at, and will be able to to narrow down the huge field of possible values presented by sha256 to a much smaller set of possibilities. Knowing when you generated your private key and your method of getting entropy, I will be able to crack your key much easier (doesn't mean easy, just many orders of magnitude easier).
Now, say you point your webcam at a lava lamp, or the display showing characteristics of some quantum process, or something else provably random. Here I can't really tell wtf your camera is looking at. I can of course go and slide that black sheet in front of your camera for a bit. Or stand in front of it. But if you physically secure your camera, then yeah you are doing something right (though of course not everything, as it's quite possible that something in your algorithm is in fact reducing your possible output to only some subset of possible values produced by sha256).
It's the same thing with radio. If you tune it to a signal that's producing a sine wave with a stable frequency... I know exactly what your input is. If you tune it to something like the BBC, I know exactly what your input is, even with some noise. If you tune it to something really random, can I just put a very strong transmitter near your receiver and overwhelm the spectrum such that you are listening to only my signal? And the best part is that you won't know that this is happening even more than with a webcam.
Personally, I wouldn't really want to trust these devices. They are fun. but they aren't practical for this purpose. Where you need real entropy is a data center. And a data center won't be receiving too much radio.
Again, parroting every other thread about this, a reverse biased transistor will give you true quantum randomness which is very cheap, very easy to produce, and is difficult to temper with at a distance without disrupting the rest of your equipment too.
Again, you don't need as much entropy as you think. Your kernel will seed a CSPRNG with a tiny bit of entropy, which is enough to keep you safe for eons after that. You can't "run out" of entropy with that scheme. The biggest issue is to initialize the random number generator with true entropy before you start using it, which is only difficult if you are running virtual machines and the host doesn't provide entropy to it. I believe at least in some schemes the seed used is based on time or some such predictable factor, which doesn't help.
[+] [-] jlgaddis|8 years ago|reply
Note, however, you should not use this for any real purpose. I saw a video on Youtube a while back of the author presenting this (at a LUG meeting or some such) and even he warns against using it for any real purpose.
So play around with it, hack on it, etc., but do not, by any means, incorporate this into any process that requires actual entropy for cryptographic purposes.
[+] [-] SlowBro|8 years ago|reply
[+] [-] JoeDaDude|8 years ago|reply
[+] [-] eythian|8 years ago|reply
[+] [-] 2aa07e2|8 years ago|reply
[+] [-] pishpash|8 years ago|reply
[+] [-] mitchellberry|8 years ago|reply
[+] [-] bdz|8 years ago|reply
[+] [-] mlamat|8 years ago|reply
[+] [-] unknown|8 years ago|reply
[deleted]