
virgakwolfw | 7 years ago

Couldn’t you just hook up a light sensor, temperature sensor, etc. and take the last few decimal places of the reading for a random number? You could have multiple and combine the numbers to create larger random numbers. For instance, you have a temperature sensor that reads 72.5946023544 F. This number is always varying, because the temperature in the room isn’t constant. You take the last 4 decimal places, 3544, and there’s your random number. I realize you couldn’t read a temperature sensor to that many decimals, but it’s just an example. It is never going to create a predictable pattern because it’s based on something unpredictable.

dragontamer | 7 years ago

> Couldn’t you just hook up a light sensor, temperature sensor, etc and take the last few decimal places of the reading for a random number

Heat-entropy is of course one of the best and truest sources of random number generation. But a temperature sensor is far more complicated than what you actually need.

All resistors vary their resistance by temperature. This is called Johnson Nyquist noise (https://en.wikipedia.org/wiki/Johnson%E2%80%93Nyquist_noise). Effectively, every resistor you have on the board is generating white noise.

The question is how to cleanly separate the white noise out, amplify it to measurable levels, and then how to feed that into a computer. Various "white noise generators" trace their true entropy to heat noise (ex: Intel's RDRAND assembly instruction has an oscillator which likely varies due to circuit-level heat noise).

I bet that the voltage across any 10 MOhm resistor would be very noisy, and that could probably be a source of noise for any hardware generator design. The issue with MOhm level resistors is that you start to vary the resistance with physical interaction (a human is in the single-digit MOhm region: so if a human touches the circuit board, the circuit may drop its resistance down to 5MOhms or less, which could affect your circuit design very severely).

vegardx | 7 years ago

You could, and this is more or less how your computer generates random data currently. It takes in lots of data from the environment that would be hard or almost impossible to predict. But the amount of entropy you get out of that might be too low for your needs, so instead you use it as a seed for a pseudorandom number generator.

On Linux you can just feed /dev/random with whatever data you want, and it will be part of your seed.

owenversteeg | 7 years ago

As far as I know, RNGs on computers use the first few digits, not the last. The reason why, and the problem with using the last, is that your laptop probably measures the voltage of a thermistor coupled to a resistor using an ADC. So you're dependent on an ADC (analog-digital converter) chip that takes voltage and gives you a digital signal. If you have a 12-bit ADC (commonly used to measure voltage), that means you get 2^12=4096 bins. So if your maximum and minimum voltage from the thermistor perfectly line up with the ADC's range, and your temperature can vary from -50 to +50C, then you get increments of 0.025 degrees C. It's pretty easy to see that the last few digits are very much not random, and using them would not work!

Mildly related and fun: https://electronics.stackexchange.com/questions/274606/whats...

(if you spend a bajillion dollars to set up a 32-bit ADC with everything needed, and have a 100C range, you get increments of 100/2^32 = 2.33e-8, now that's precise! This probably would be a bad way to get randomness for about 20 other reasons, though)

mafuyu | 7 years ago

I read a whitepaper recently that a MEMS accelerometer can provide sufficient entropy to derive random numbers from. Either way, I would treat external sensors as only a raw entropy source, and use them to drive a CSPRNG reseeded from an entropy pool. I don't think it's cryptographically secure to use the values directly. (Maybe an expert could chime in here?)

I've been looking at ways to get cryptographically secure random bytes on low power micros, and that's the approach I'm taking. The standard for CSPRNGs is AES-GCM, which is a bit heavy, though. Anyone know if Fortuna is still acceptable to use?
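An added example, not code from anyone in the thread, that puts numbers on two of the points above: owenversteeg's 12-bit ADC over a -50..+50 C range (the "last digits" of the printed reading are a deterministic function of the ADC code, with only 1024 possible fractional parts), and mafuyu's approach of treating the sensor as a raw entropy source that is credited conservatively and hashed into a pool before anything is released. The ADC model, the simulated room-temperature trace, and SHA-256 as the conditioner are all assumptions made for illustration.

```python
import hashlib
import math
import random
from collections import Counter
# Constructed ADC model using the thread's numbers: a 12-bit converter whose
# full scale covers -50..+50 C, so one code step (LSB) is 100/4096 C.
ADC_BITS = 12
T_MIN, T_MAX = -50.0, 50.0
LSB = (T_MAX - T_MIN) / (1 << ADC_BITS)  # 0.0244140625 C per code

def adc_read(true_temp_c):
    """Quantize a physical temperature to the integer code the firmware sees."""
    code = round((true_temp_c - T_MIN) / LSB)
    return max(0, min((1 << ADC_BITS) - 1, code))

def code_to_celsius(code):
    """Reconstruct the reading a program would print, with its 'many' decimals."""
    return T_MIN + code * LSB

def distinct_fractional_parts():
    """How many different fractional parts can the printed reading ever have?"""
    return len({code_to_celsius(c) % 1 for c in range(1 << ADC_BITS)})

def simulate_codes(n, seed=0):
    """Constructed room-temperature trace: 22.5 C plus small Gaussian wander."""
    rng = random.Random(seed)
    return [adc_read(22.5 + rng.gauss(0, 0.05)) for _ in range(n)]

def min_entropy_per_sample(codes):
    """Conservative credit: -log2 of the most frequent code's share (assumes i.i.d.)."""
    top = Counter(codes).most_common(1)[0][1]
    return -math.log2(top / len(codes))

class EntropyPool:
    """Hash-based conditioner: raw codes go in, output is released only after
    enough min-entropy has been credited, and never the raw values themselves."""
    def __init__(self):
        self.pool = hashlib.sha256()
        self.credited_bits = 0.0
    def add(self, code, credit_bits):
        self.pool.update(code.to_bytes(2, "big"))
        self.credited_bits += credit_bits
    def extract(self):
        if self.credited_bits < 256:
            raise RuntimeError("pool not yet full: %.0f bits" % self.credited_bits)
        seed = self.pool.digest()
        self.pool = hashlib.sha256(seed)  # chain state so old seeds are not reusable
        self.credited_bits = 0.0
        return seed  # 32 bytes: use as a CSPRNG seed, not as the output stream
```

The per-sample credit here is the optimistic i.i.d. figure; a real sensor trace is autocorrelated, so a deployed design would credit less per sample and still reseed a CSPRNG from the pool rather than handing out pool output directly.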