

High-entropy randomness generator using calibrated soundcard - acqq
http://www.av8n.com/turbid/paper/turbid.htm

======
acqq
I believe it results in high quality bits but I understand it doesn't get
enough attention because it's not sexy like "I'm using the radioactivity" and
doesn't appeal to lazy -- the equipment must be calibrated.

Still it's worth reading, at least this part should matter even to people who
wouldn't like or know ow to do the calibration:

'“Whitening” Considered Unhelpful'

~~~
dazzawazza
People who require good quality random numbers (like gambling outfits) like
off the shelf natural random number generators because

a) you can do due diligence to see if the company meets its claims *

b) you don't have to become and expert in measuring randomness

c) sexiness is good when people will constantly claim your system and RNG are
fixed biasing the house * * . Being able to point to a well known and verified
company that generates real random numbers helps.

Having said that, having worked for a poker startup I did find it fascinating.

* doesn't mean your RNG is random but it's more likely to be random them a homespun solution, unless you are an RNG expert.

* * of course the RNG isn't fixed biasing the house.... the games themselves are fixed but people fail to see that. In poker the house has no real reason to fix the RNG as they rake money faster than you can print it.

------
bhickey
This is proving to be an interesting read, but I have much different design
goals in mind than the author. I'm interested in simulation, and this sort of
RNG is useless for that purpose. I would go as far to say this approach is
useless for any scientific purpose. With great state comes great
reproducibility. (I couldn't resist!)

In the abstract the author suggests that PRNGs rely on "on unprovable
assumptions about “one-way functions”" Any PRNG worth using should have solid
number theoretic footing. For example, Multiply with Carry generators are
based on the decimal sequence produced by dividing integer by a very large
prime.

------
vessenes
Reading this, I'm curious how much could be automated with software. There's
quite a lot of 'plug in this, measure that voltage, manually reset this' in
the docs.

I compare this to just subscribing to quantum entropy over the internet and
conclude you'd need a lot of private random bits before this approach makes
sense in terms of time.

I found really fascinating the comments and complaints about dumping bits
through SHA-1 (which they do) and then testing randomness of the SHA-1
bitstream. In short, they think it's stupid to test randomness using just
heuristics on SHA-1. Presumably because SHA-1 is actually pretty good already,
and so it obscures some of the upstream quality.

~~~
acqq
The whole point of determining the lower bound is measuring the sensitivity of
the input of the sound card. If you don't know the exact sensitivity of your
device you have to measure it. The author evaluates the quality of the
different sound cards inputs as a byproduct: note that he for example
measures:

"(Creative Labs) Extigy has astonishingly poor input sensitivity. It’s about 5
times worse than a typical cheap sound card, and about 100 times worse than a
decent 24-bit soundcard, as you can see from table 4."

The sensitivity is the first column of his table, demonstrating some products
being unusable for this purpose and obviously unusable for any quality
recording too.

It would certainly be good to have the database of the measurements for
different products. It's amazing how little we know about the consumer
products being sold unless we measure them.

