Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Math IT Technology

The League of Entropy Forms To Offer Acts of Public Randomness (duo.com) 66

Cloudflare, along with a group of individual and academic partners, is forming a new coalition that will provide truly random, unpredictable numbers for a variety of applications, including election systems and lotteries. From a report: The problem of producing truly random numbers on a consistent basis has been a thorny one for cryptographers for many years. There have been plenty of efforts to establish sources of randomness, with some success, but one of the drawbacks is that any single randomness generator can be a target for abuse by privileged insiders or outside attackers. This is especially true in high-value applications that require random numbers, such as lottery or election systems. Also, if a given source of random numbers fails for any reason, the applications that rely on it can be crippled, as well.

To help address this problem, Cloudflare has teamed up with the University of Chile, the Ecole polytechnique federale de Lausanne, and several individual researchers to form a consortium of randomness beacons distributed around the world. The system is based on the drand randomness beacon developed by Nicholas Gailly, a researcher at Protocol Labs, a research lab for network protocols, and the aim is to have a distributed network of beacons that will always be available. "Our founding members are contributing their individual high-entropy sources to provide a more random and unpredictable beacon to generate publicly verifiable random values every sixty seconds. The fact that the drand beacon is decentralized and built using appropriate, provably-secure cryptographic primitives, increases our confidence that it possesses all the aforementioned properties," Dina Kozlov, a product manager at Cloudflare, said.

"This global network of servers generating randomness ensures that even if a few servers are offline, the beacon continues to produce new numbers by using the remaining online servers. Even if one or two of the servers or their entropy sources were to be compromised, the rest will still ensure that the jointly-produced entropy is fully unpredictable and unbiasable." Random numbers are vital to many kinds of systems and there are plenty of hardware and software-based random number generators. But more than one RNG has been found to have a bias, whether intentional or accidental, so randomness beacons emerged.

This discussion has been archived. No new comments can be posted.

The League of Entropy Forms To Offer Acts of Public Randomness

Comments Filter:
  • by Anonymous Coward on Monday June 17, 2019 @02:33PM (#58777402)

    Where have I heard of this before...

    Oh right, NIST... and does anyone remember what happened with NIST and their pseudorandom initialization box, that turned out until a very common programming error to provide less entropy than specified in an easy to predict fashion?

    Cloudflare falls into the same trust model, as Google's successor, as Google becomes the new Microsoft.

  • by Tablizer ( 95088 ) on Monday June 17, 2019 @02:43PM (#58777452) Journal

    Just hook it up to you-know-who's Tweets.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Voldemort tweets?

  • Not sure on what the correct alignment would be - chaotic neutral?
  • by pesho ( 843750 ) on Monday June 17, 2019 @02:49PM (#58777506)
    The writers at Marvel must be pulling their hair for not coming with this first. This is a perfect name for a villainous organization.
  • The only source I trust for true randomness is Dr. Sam Laserowitz.
  • Defining Randomness (Score:4, Interesting)

    by nuckfuts ( 690967 ) on Monday June 17, 2019 @03:44PM (#58777914)

    There are two things about sources of randomness that I find interesting. One is how to generate random numbers, as this article discusses. The other, I think deeper, topic is how to define randomness to begin with.

    For example, suppose you wanted to randomly generate digits in the range of 0 - 9. One seemingly sensible characteristic of your "random" output might that that no particular digit should appear more often than the others. However, if you design for even distribution of digits, you are then producing something that is no longer "random" due to your imposed condition.

    I don't profess to know any answers to this. As I said, I simply find it interesting. Perhaps some more informed readers can provide some enlightenment on the dilemma of defining what randomness means in the first place.

    • Kolmogorov (spelling varies) randomness is quite an interesting definition. And my favourite one.

      K-random (property of a bit-string B) means (roughly) that there exists no program whose code is shorter than B that can generate B.

      Again roughly, this means that no one can figure out the pattern (of sequential bits) in B and write a program to generate that pattern.
      You can always write a program of length len(B) that generates B. i.e. the null program with input B.

      Unfortunately, I believe it has been proven th
      • Kolmogorov (spelling varies) randomness is quite an interesting definition. And my favourite one.

        K-random (property of a bit-string B) means (roughly) that there exists no program whose code is shorter than B that can generate B.

        Kolomogorov complexity is very interesting, but it really describes entropy, or information content, not randomness. It's really about the distribution of a random variable, not about the variable's randomness. Randomness also requires unpredictability which is a property of the generation process, not a property of the generated data.

        To a cryptographer, "public randomness" appears at first glance to be an oxymoron... if the data is public it's predictable, and therefore not random, even if it was gener

        • https://books.google.ca/books?id=keCpCAAAQBAJ&pg=PA69&lpg=PA69&dq=%22k-random%22+Kolmogorov&source=bl&ots=foBX01znnx&sig=ACfU3U33bloYtfIrXCIJN_RljQw7Wn7wMg&hl=en&sa=X&ved=2ahUKEwjKpJnPrfbiAhWCjVkKHfdpDr4Q6AEwBnoECAkQAQ#v=onepage&q=%22k-random%22%20Kolmogorov&f=false

          Unpredictability of the generation process can be seen to be trivially equivalent to unpredictabilty of the next bit in the bit-string (for all such next bits), where the observer (the entity/process tr
    • One seemingly sensible characteristic of your "random" output might that that no particular digit should appear more often than the others.

      But that's not how to characterise randomness. Of course a digit may appear more often than another. The point is that no particular digit should *have a probability* of appearing more often than another. Generate 10 numbers and getting no digit more often than another would point to it not being random... except if it is random than having no digit more often than another is a possible random solution, as is having a sequence 1,2,3,4,5,6,7,8,9,0.

      The only way really to determine if you have true randomness

    • For example, suppose you wanted to randomly generate digits in the range of 0 - 9. One seemingly sensible characteristic of your "random" output might that that no particular digit should appear more often than the others. However, if you design for even distribution of digits, you are then producing something that is no longer "random" due to your imposed condition.

      I would start here [wikipedia.org]. Read about probability distributions, in particular, to see why your concern that ensuring a uniform distribution might make the result non-random isn't an issue.

    • by AmiMoJo ( 196126 )

      Randomness is usually defined by being unpredictable. Any predictability tends to weaken the random number generator for many of the purposes it can be used for, such as picking lottery numbers or cryptographic functions.

      For example, if you have a crypto function that uses a random key, but you know that the key is probably biased towards certain numbers, you can optimize your brute force attack to try those numbers first.

      Of course that means you need to define what predictable means. It can be as simple as

  • All this effort because people are basically shit. Well done.
  • by Anonymous Coward

    and for god's sake don't get the idea in your head that centralized randomness, controlled by the world's largest man-in-the-middle Cloudflare is somehow the secure solution to a problem we've already solved.

    As with much else involving Cloudflare, stay the hell away, or they and the government they answer to will be all up and inside your IT.

    • Yeah I think it is pretty suspicious that anyone would want to unify multiple sources of randomness. It's then easy to poison that one output. Better to XOR completely independent sources.

  • You cannot guarantee the security of any data that traverses the public Internet. I think we've all seen enough evidence of that. Therefore relying on any internet-based 'random bit service' is foolish at best.
    • by gweihir ( 88907 )

      It is already not secure it anybody else has it, and here the provider has it. The whole thing is beyond stupid.

  • I thought random.org did this, at least a couple of decades ago when it was a stark gray web page with a new set of random numbers each time you reloaded. It was very simple to wget some "true" random numbers in a script whenever you needed them. I just looked at it again and it seems to have transformed into something different and much more complex, but they still claim "true" randomness.
  • Particulary considering there are actually good and cheap random number sources, and random numbers are not something you should share with anybody else.

    On the other hand, this is a great business model, after all anybody who thinks about this for more than a few minute will not use the service which means that you'll be left with people who have no idea what they are doing and build business models on it (e.g. by deriving keys or using it for lotteries). You could then have a bunch of paying clients who wi

  • 83756010947476562091205856127101057663738989100420527418501364

    09813487348174579801757623145623491056840917541908217836470123

    98127809127476127560589273460031843671548713947858173713467134

C for yourself.

Working...