True Random Numbers with RTL-Entropy

RTL-Entropy is a Linux based entropy generator which uses the RTL-SDR as the entropy source. It works by using the RTL-SDR to sample atmospheric noise and then using that noise to create randomly generated numbers.

This is useful as computers are only capable of generating pseudo-random numbers, which may look random, but are not truly random. For cryptography and security, it is desirable to use true random numbers, as pseudo-random numbers can possibly be predicted. Combining this RTL-SDR based entropy source with other entropy sources may help improve security.

4 comments

  1. Eddie

    Umm… Not to nit-pick or anything but I think the jury is still out on the existence of TRUE random numbers. But yes, for those of us who are not God (or whatever your favorite all-knowing, all-seeing entity may be), atmospheric noise is a great way to get seemingly random information.

    Given a few thousand more years to evolve better brains and develop technology (or become Gods) it is conceivable that we (or our successors) might learn to “sniff” the atmospheric noise in order to predict lightning strikes, earthquakes, or even the price of gasoline.

    If I become a God, I’ll come down and give you a pencil that only writes TRUE random numbers… if you still want it. Then I’ll smote someone because I’ve always wanted to do that.

    • Aaron Toponce

      Atmospheric noise is a horrible way to get random sequences of data. Atmospheric noise is nothing more than an RF receiver, and anyone on the same frequency can manipulate the signal, and manipulate your “random bits”. You’re better off tuning into multiple unique frequencies simultaneously, putting that data into a pool, then whitening. And even then, there is nothing stopping me from manipulating the signals that you’re tuned to.

      The best random data systems are the ones that are closed to external interference, like radioactive decay, avalanche noise, or diode breakdown. Thermal noise could be an option, but if the external temperature of the surrounding environment can be manipulated by a 3rd party, then it fails as well. Shot noise and passing photos through a semi transparent mirror could work, if the system is closed, for the same reason.

      Random numbers is hard. While the rtl-entropy project is cool, I would much prefer to send it through the systems CSPRNG, and get your data from there, rather than read it directly.

      • Toby

        True, but it seems like an unlikely attack, as they’d need to be nearby, but not so close as to have physical access (since presumably that’d be a more serious problem).

Post a comment

You may use the following HTML:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.