Users on SN know that Bitcoin seed generation needs a good degree of randomness. However, some ways of generating random numbers are far more random than others.
Some algorithmic techniques to generate random numbers aren't. They're actually deterministic and reproducible. These are often referred to as Pseudo Random Number Generators (PRNGs).
If one were to rely on such generation techniques, you might find your seed, or your security, compromised.
Therefore, in the world of computer security and Bitcoin seed generation, one needs to generate what's referred to as genuine randomness.
Some see the dangers of relying on generating non-random numbers and generate random numbers 'by hand'. For instance, some Bitcoiners buy 200 dice to generate their seed by rolling all the dice at once in order to generate it.
Some companies, and people, choose to think outside of the box - looking for chaos in our physical world in order to generate randomness.
The billion dollar cybersecurity firm Cloudflare.
Cloudflare, like any company, have a backup plan. But this isn't backing up data, or power generators, but backup randomness generation.
If ever Cloudflare finds that their source of randomness is compromised, their backup has a very Frisco sort of twist about it - their backup partly involves monitoring a wall of lavalamps - in order to guarantee randomness.
Their 60s inspired randomness generator has been given a monicker - LavaRand.
Don't think that Cloudflare have lost the plot or are doing this merely as a publicity stunt. They're serious about this backup and know that the randomness that's generated is genuinely random. They're sure that the movement of the globby lava heated up to move by the lamp is so unpredictable, it's perfect to generate random data.
The lava lamps are constantly watched live by cameras before the numbers are crunched. As you can see, just like an avid Bitcoiner, they don't rely on just one source to rely on, they use 96 lava lamps to guarantee genuine randomness.
Cloudflare have yet to call upon their seemingly hippy-inspired, but actually clever way of generating random numbers as of yet; but it's ready and waiting for the call.
In the meantime, it's just a pretty talking point in their lobby.
To read more about Cloudflare's lava lamp wall, and see how they've prevented their random backup system from being compromised, read more at:
706 sats \ 1 reply \ @Krv 25 Dec 2023
How do they secure the camera feed?
reply
You'll see Cloudflare are aware of this potential problem (of capturing this single feed) in the section named, 'Security of the LavaRand Service'.
In every other case, the malicious entropy feed controlled by the attacker is mixed with a non-malicious feed that the attacker can neither observe nor modify. As we discussed in a previous section, as long as the attacker is unable to predict the output of these non-malicious feeds, they will be unable to predict the output of the entropy feed generated by mixing their malicious feed with the non-malicious feed.
I had the same question, but it looks like they've got it covered.
reply
I remember hearing about this. So, for the average person with usual low-tech things at their disposal, besides rolling dice, are there any other takeaways on how we could ensure we have pretty good randomness for seed entropy? Could something similar to the lavalamp approach be reverse-engineered, if for nothing other than a learning exercise in how to generate a pretty-well randomized seed?
Asking anyone out there!
reply
371 sats \ 1 reply \ @om 24 Dec 2023
If you have a coin but you're not convinced that it gives exactly 50/50 chances, you can use Shannon's trick: toss it twice. Heads-tails is 0, tails-heads is 1 (or however you want), but same result should be re-tossed. This gives you exactly 50/50 chances out of any coin, even a biased one.
reply
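The toss-twice procedure from the comment above (usually known as the von Neumann extractor), as an added example that is not part of the original thread. It assumes tosses are independent with a fixed bias; the seeded simulator and all function names are constructed for illustration and must not be used to generate a real seed.

```python
import random

def debias(flips):
    """Pair up tosses: HT -> 0, TH -> 1, HH and TT are thrown away (re-toss)."""
    bits = []
    for first, second in zip(flips[0::2], flips[1::2]):
        if first != second:
            bits.append(0 if first == "H" else 1)
    return bits

def expected_tosses(n_bits, p_heads):
    """Average tosses needed for n_bits: a pair is kept with probability 2p(1-p)."""
    return n_bits * 2 / (2 * p_heads * (1 - p_heads))

def simulate_biased_coin(n, p_heads, seed):
    """Constructed test input only: a seeded PRNG standing in for a physical coin."""
    rng = random.Random(seed)
    return ["H" if rng.random() < p_heads else "T" for _ in range(n)]

def ones_fraction(bits):
    """Fraction of 1 bits; close to 0.5 for an unbiased stream."""
    return sum(bits) / len(bits)

if __name__ == "__main__":
    flips = simulate_biased_coin(200_000, p_heads=0.8, seed=1)
    raw = [0 if f == "H" else 1 for f in flips]
    out = debias(flips)
    print(f"raw ones fraction:      {ones_fraction(raw):.3f}")
    print(f"debiased ones fraction: {ones_fraction(out):.3f} from {len(out)} bits")
    print(f"tosses for 256 bits at p=0.8: {expected_tosses(256, 0.8):.0f}")
```

The cost of the trick is throughput: a fair coin needs about 4 tosses per output bit, and the more biased the coin, the more pairs are discarded.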
Thanks for that reply.
For the life of me I never thought of coin flips as being a useful random number generator. Maybe like not seeing the wood for the trees. I've also never heard of Shannon's trick before, will have to read up on the origin. I've a small coin collection to try this out with!
reply
Wow, this is fascinating! I had no idea that generating random numbers for Bitcoin seed generation was such a complex process. It's interesting to learn about the different techniques used, like Pseudo Random Number Generators (PRNGs), and the potential security risks involved. Cloudflare's approach with the lava lamps is really unique and unconventional, but it makes sense to ensure genuine randomness. It's impressive that they have 96 lava lamps constantly monitored to guarantee the randomness of their backup system. I'll definitely check out the blog post for more details on how they've implemented this!
reply
Love this, the idea of calculating randomness by the photons that hit the sensor has always fascinated me. I’m sure I saw a team do it with an old Nokia phone looking out a window before, really cool stuff
reply
21 sats \ 1 reply \ @ek 25 Dec 2023
Great post, thanks for taking the time to post this! I totally forgot about Cloudflare's setup so this was a great reminder.
Let's make Crypto Cryptography again!
reply
I can see why you claimed it.
When a certain user gets back, he'll be relieved to see that you got there first.
Although he might have been yearning to recreate the scene as Anakin with those unfortunate young ones...
reply
There is an obsession with generating your own entropy, although not related to lava lamps, humans are horrible at generating entropy.
reply
I wanted to do my 24 word phrase using 10 sided die but I couldn't figure out how to do the parity 24th word.
reply
That's a tricky one, but doable. Ideal is with a Seedsigner or ColdCard. They allow you to enter the words and will calculate a valid last word. Or, download the tool, https://iancoleman.io/bip39/, to a USB, load it on a device that has no internet, and it can calculate the last word. Or, use a hardware device to restore your seed and try 24th word until you find a valid one. Tedious, but will work after 256 tries on average.
reply
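How the 24th word is derived under BIP39, as an added example that is not part of the original thread or of any tool named above. A 24-word phrase encodes 256 entropy bits plus 8 checksum bits, so the last word carries 3 entropy bits and the first byte of SHA-256 over the entropy. The function names are hypothetical, and the code works on 0-based wordlist indices (index i is line i+1 of the BIP39 English wordlist) because the 2048-word list is not embedded here.

```python
import hashlib

def valid_last_indices(first23):
    """Return the wordlist indices that complete a 24-word BIP39 phrase."""
    if len(first23) != 23 or any(not 0 <= i < 2048 for i in first23):
        raise ValueError("need 23 indices in range 0..2047")
    # 23 words x 11 bits = 253 entropy bits already fixed by the dice rolls.
    prefix = 0
    for i in first23:
        prefix = (prefix << 11) | i
    results = []
    for extra in range(8):  # the 3 remaining entropy bits live in the last word
        entropy = ((prefix << 3) | extra).to_bytes(32, "big")
        checksum = hashlib.sha256(entropy).digest()[0]  # 256 / 32 = 8 checksum bits
        results.append((extra << 8) | checksum)  # 3 + 8 = 11 bits = one word
    return results

def is_valid(indices):
    """Check a full 24-index phrase against the BIP39 checksum."""
    return len(indices) == 24 and indices[23] in valid_last_indices(indices[:23])

if __name__ == "__main__":
    # Constructed input: 23 x index 0 ("abandon"), the well-known all-zero vector.
    first23 = [0] * 23
    print("valid 24th-word indices:", valid_last_indices(first23))
    hits = sum(is_valid(first23 + [w]) for w in range(2048))
    print(f"{hits} of 2048 candidate last words pass the checksum")
```

To stay random in the last word as well, pick the 3 extra bits with dice or coin tosses and take the matching entry rather than always the first one; run this only on an offline machine.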
What are some ways to generate genuine randomness for Bitcoin seed generation?
reply