
True hardware random number generator for $50 - sanoli
https://www.tindie.com/products/ubldit/truerng-hardware-random-number-generator/?utm_source=Tindie+Community&utm_campaign=bb1695b2d4-Featured_Product_Newsletter_5_21_15&utm_medium=email&utm_term=0_bb799798bb-bb1695b2d4-86719057&mc_cid=bb1695b2d4&mc_eid=6cb48920b3
======
danbruc
A random number generator with US flag on it. Yes, it is kind of silly, it is
just a sticker, but it subconsciously evokes negative associations, at least
for me.

~~~
JonFish85
What sticker would make you feel better? China? Hungary? Designed in USA, made
in China?

~~~
smcl
No flag whatsoever, really.

Though exploring that tangent a little, I wonder if there is a any sort of
study on flags\countries and their association with quality (specifically
engineering\tech). Off the top of my head I'd guess people associate places
like Sweden, Germany, Switzerland, Austria - I'm not sure why.

~~~
xrstf
Do not confuse Germany's prior superiority with made goods with their IT
skills. As a German, I can tell you: We're becoming a 3rd world IT country
real quick. Plus the USA is our best friend, including the NSA.

~~~
smcl
While that may be true (I do not know) it's still a connection I
subconsciously make

------
yuvadam
Sounds pretty fucking expensive.

You can get a $10 RTL-SDR [1] dongle that happily churns out over 2MSp/s and
feed random radio noise to your entropy pool using rtl_entropy [2].

Also what's up with the flag, 'murica?

[1] - [http://sdr.osmocom.org/trac/wiki/rtl-
sdr](http://sdr.osmocom.org/trac/wiki/rtl-sdr)

[2] - [https://github.com/pwarren/rtl-entropy](https://github.com/pwarren/rtl-
entropy)

~~~
Someone1234
They're selling a $50 "product." You've linked to a $10 experiment. Just the
fact that theirs comes with a signed Windows driver and software Linux support
out of the box, justifies every cent of the $40.

This complaint is akin to people who complain "a $700 iPhone only has $150 of
parts." It might be true, but it ignores the entire development cost, value
add, and ease of use relative to buying a box of bolts and building an iPhone
(or in this case a RND source).

Their price is very reasonable, and your $10 alternative is not a realistic
alternative.

------
Arjuna
If you enjoy this topic, you might be interested in HotBits. It uses a
Caesium-137 check source and a radiation monitor to generate non-deterministic
values.

[https://www.fourmilab.ch/hotbits/hardware3.html](https://www.fourmilab.ch/hotbits/hardware3.html)

------
kseistrup
What happened to EntropyKey?
[http://www.entropykey.co.uk/](http://www.entropykey.co.uk/)

~~~
hga
They used up the devices they'd had manufactured, were saying they had no idea
if and when they'd have more ... and I guess they've completely given up, now.

~~~
dTal
So... they exhausted their entropy pool?

------
jacquesm
Beware of single junction devices, if that should ever fail and not be
detected then you're in a world of trouble.

------
mistercow
>Showing the random stream as a bitmap shows no visible patterns like a pseudo
random number generator will

Huh? Some PRNGs sure, but I don't really know what this is trying to prove.
The output of any decent stream cipher will appear just as random.

~~~
jacquesm
Sometimes if you start varying the output width of such a process dynamically
you can pick out patterns. Not saying this is the case here but it's an
interesting trick to allow your visual cortex to do some pretty heavy
numerical lifting.

------
joshguthrie
Last I heard, there was a free Quantum Random Number Generator with an API out
there:
[http://photonics.anu.edu.au/qoptics/Research/qrng.php](http://photonics.anu.edu.au/qoptics/Research/qrng.php)

Shameless self-insert: [https://github.com/joshleaves/node-
qrand](https://github.com/joshleaves/node-qrand)

------
ableal
Nicely documented. I wanted to be reminded of what a bitmap picture for a PRNG
bitstream looks like, and found this example:
[https://www.random.org/analysis/randbitmap-
wamp.png](https://www.random.org/analysis/randbitmap-wamp.png)

(bad due to visible patterns, compared to the shown picture for their hardware
generator: [http://ubld.it/wp-
content/uploads/2014/02/random_bitmap.png](http://ubld.it/wp-
content/uploads/2014/02/random_bitmap.png) )

Curiously, the shop shows sales data:

    
    
        376 orders / 22 reviews
        Since Mar 04, 2014 
    

(as of about 14h WEST, 2015.05.22, let's see if it budges ;-)

~~~
CHY872
Be aware that a decent prng will look just like the true one. That one's
particularly crap. The Mersenne Twisters have incredibly long periods (2^19937
- 1 common) and you won't see anything. These are not at all cryptographically
secure.

------
mbq
Pretty auditable alternative for $35
[https://www.tindie.com/products/WaywardGeek/infinite-
noise](https://www.tindie.com/products/WaywardGeek/infinite-noise)

------
__sbrk
I hope they've run DIEHARD or similar against this source to check for
deterministic flaws:

[http://csrc.nist.gov/groups/ST/toolkit/rng/batteries_stats_t...](http://csrc.nist.gov/groups/ST/toolkit/rng/batteries_stats_test.html)

~~~
drewhk
... or TestU01 Big Crush
([https://en.wikipedia.org/wiki/TestU01](https://en.wikipedia.org/wiki/TestU01))

------
RyanRies
On one hand, this is very cool. On the other hand, why can't Intel/AMD just
put this sort of thing on their CPU dyes and be done with it?

~~~
JoachimS
Intel includes a TRNG in their CPUs (on die) since Ivy Bridge. It used to be
called Bull Mountain. Now it is known as RdRand after the instruction. Here is
a good article about it:

[http://spectrum.ieee.org/computing/hardware/behind-intels-
ne...](http://spectrum.ieee.org/computing/hardware/behind-intels-new-
randomnumber-generator)

The problem is that it is a black box. Intel has added the ability to seed the
generator (rdseed), but it does not really reduce the issue of trust.

~~~
jacquesm
If you can seed it then it is not a true random number generator but a pseudo
random number generator.

Also the rdseed instruction does not allow you to seed the generator but
instead allows you to generate seeds for other (pseudo random) generators.

~~~
mcpherrinm
That's true. There is both a CSPRNG and a TRNG:
[https://software.intel.com/en-us/blogs/2012/11/17/the-
differ...](https://software.intel.com/en-us/blogs/2012/11/17/the-difference-
between-rdrand-and-rdseed)

------
Titanous
OneRNG is basically the same thing, except it's open hardware:
[http://onerng.info/](http://onerng.info/)

~~~
jimhefferon
They will be ready by April 2015. I can't wait!

~~~
benjarrell
So, a month ago?

~~~
blacksmith_tb
Not the first Kickstarter product to have that problem. But there is more info
about it here:
[http://moonbaseotago.com/onerng/](http://moonbaseotago.com/onerng/)

------
blkhawk
that american flag on the label makes the whole device suspect to me.

~~~
acqq
If you go that route, the state in which the company is situated is even more
interesting.

The site of the producers, though:

[http://ubld.it/](http://ubld.it/)

Looks like somebody who actually honestly likes to make his own hardware, and
not only RNGs.

~~~
TranceMan
[As a non American] Why?

~~~
acqq
MD stands for Maryland:

[http://en.wikipedia.org/wiki/Maryland#Economy](http://en.wikipedia.org/wiki/Maryland#Economy)

~~~
TranceMan
So relevant is:

Maryland's economy takes advantage of the close location of the center of
government in Washington, D.C. and emphasizes technical and administrative
tasks for the defense/aerospace industry and bio-research laboratories, as
well as staffing of satellite government headquarters in the suburban or
exurban Baltimore/Washington area. Ft. Meade serves as the headquarters of the
Defense Information Systems Agency, United States Cyber Command, and the
National Security Agency/Central Security Service. In addition, a number of
educational and medical research institutions are located in the state. In
fact, the various components of The Johns Hopkins University and its medical
research facilities are now the largest single employer in the Baltimore area.
Altogether, white collar technical and administrative workers comprise 25
percent of Maryland's labor force, attributable in part to nearby Maryland
being a part of the Washington Metro Area where the federal government office
employment is relatively high.

------
late2part
I used this before and it worked great - but it is more pricy than tindie....

[https://ssl.araneus.fi/products/alea2/order/en/](https://ssl.araneus.fi/products/alea2/order/en/)

------
kozak
The "random bitmap" got somehow compressed by the PNG format by 50% :)

------
JustSomeNobody
Slightly OT but, didn't, back in the day, some PC sound cards have a white
noise generator that one could use for random numbers?

~~~
linker3000
Heck, the Commodore 64 had one in the SID chip - I used to use it for random
numbers.

[http://www.atarimagazines.com/compute/issue72/random_numbers...](http://www.atarimagazines.com/compute/issue72/random_numbers.php)

~~~
qrmn
Just to be clear, the SID's noise generator is NOT a TRNG - it's a XOR shift
register, basically an LFSR with no 1-tap. It's predictable.

------
benmanns
_If this pool is depleted then the kernel will block causing a delay until the
kernel can provide the requested random numbers._

Is there a way to measure how often this happens and what kind of improvements
would be expected after buying a hardware RNG?

------
ubldit
Thank you all for the feedback and also the entertainment. Here's a memorial
weekend coupon code for $10 off your purchase of a TrueRNG from Amazon:
MERICA10

[http://www.amazon.com/TrueRNG-Hardware-Random-Number-
Generat...](http://www.amazon.com/TrueRNG-Hardware-Random-Number-
Generator/dp/B00T0XKAQM/)

------
feld
Do these work on FreeBSD?

------
jameskozart
to expensive for only random number generator for $50

