back to article 23. 712. 3. 608. 45. 89. 11. 332. 841. 255. You want more? Cloudflare and pals are streaming 'em live from new RNG API

Like some kind of space-age Bingo hall caller, a cloud-based API that publicly streams random numbers arrives today, and is being touted by Cloudflare. The web-distribution giant is enlisting the help of four other organizations and a handful of researchers to create what it calls the League of Entropy, a project aimed at …

  1. Benny

    So this is a modern version of random.org?

    Seems cool, but it seems a bit odd to rely on a 3rd party service to introduce randomness into your project

    1. Brian Miller

      Well, there have been a number of public sources for random numbers throughout the years. However, if you are using any number of hardware random number sources that convert entropy to a digital stream, then of course this is superfluous.

      There are random numbers from various noise sources, random numbers from audio and video static, random numbers from fish bowls and Lava Lamps, and of course preschoolers are (un)amazingly random.

    2. Phil O'Sophical Silver badge

      Especially since the random numbers are public, so anyone wanting to break your code just has to store those numbers & they have a starting point for decryption.

      1. Arthur the cat Silver badge

        Especially since the random numbers are public, so anyone wanting to break your code just has to store those numbers & they have a starting point for decryption.

        Hence: This is where it should be noted that the public system will not be recommended in any way, shape, or form for use with cryptographic or security-sensitive tools or applications, for obvious reasons.

        1. FIA Silver badge

          Hence: "This is where it should be noted that the public system will not be recommended in any way, shape, or form for use with cryptographic or security-sensitive tools or applications, for obvious reasons."

          However, it should also be noted that a lot of developers are lazy morons.

  2. Anonymous Coward
    Anonymous Coward

    how long

    How long before a major site or service gets hacked because someone's experimental or development use of this source of entropy gets pushed to production?

    1. stiine Silver badge
      Devil

      Re: how long

      Yesterday?

    2. Naselus

      Re: how long

      Somewhere at a major bank near you, a coder is halfway through the article and already decided TL,DR.

      1. Anonymous Coward Silver badge
        Joke

        Re: how long

        What are you saying? My attention span is perfe Oooh, look, shiny.

    3. Michael Hoffmann Silver badge
      Facepalm

      Re: how long

      Indeed. I hadn't even reached the third paragraph before wondering "shirley, you're not using that for crypto?", then I went "phew, oh that's OK then" - before my mind again flew off towards "some idiot is going to use it for crypto in some big org for critical data, I just know it".

      I remember trying to explain to my tutor(!) during my Master's in the supposedly Advanced Cryptography unit about crypto-safe RNGs. He didn't get it. This was a PhD student!

  3. Alan J. Wylie
  4. Anonymous Coward
    Anonymous Coward

    Solved over 20 years ago using Radioactivity

    http://www.fourmilab.ch/hotbits/

    1. Arthur the cat Silver badge

      Re: Solved over 20 years ago using Radioactivity

      Except that these days if you mention radioactivity there's a subset of the population that will start shrieking loudly. The great thing about the drand initiative is that is combines all sorts of sources of entropy in a verifiable way.

  5. John Savard

    What's it Good For?

    I wonder if someone will come up with an algorithm to use today's official 512-bit random number to predict today's winning lottery numbers...

    It certainly is true that one shouldn't use, for example, RAND's "One million random numbers with 100,000 normal deviates" as a cipher key, and this is sort f the same thing. But some people might make that mistake, and does that mean this site is a menace that should be shut down?

    But there is a valid use for it. Say if you want to randomly choose parameters for, say, an experiment in testing the effect of a fertilizer by applying it to random plots of land.

    And for crypto - say if you generate your own random numbers securely with dice, but those dice might produce numbers that are slightly biased - using an operation like XOR to mix in some high-quality random numbers, even if they're not secure, could be helpful if done right. RAND's book, the digits of pi, or these numbers could serve for that.

    1. doublelayer Silver badge

      Re: What's it Good For?

      Nobody's arguing that it should be shut down. That'd be crazy. However, this site falls into a valley where on-device random number generation is insufficient and where this site would introduce security problems. There are probably a few places that need that degree of entropy, but many of them may have gotten a temperature, static (cosmic radiation), or even human-fed (times of typing or something like that) source. By all means use it if it's needed, but I doubt that people will be rushing out to do so en mass.

    2. Lee D Silver badge

      Re: What's it Good For?

      Yeah, because the people who run the lotteries don't already do that.

      Lucky Dip anyone? From the people who run a website basically premised on the idea that they generate sufficiently random numbers to use on / allocate you a scratchcard from a pool of available ones?

  6. Christian Berger

    I've considered a business model like that in the past

    Surely people will use those bits to base their secret keys on. I mean considering that there are incredibly cheap sources of random noise in virtually every computer (particularly in embedded devices which typically have good true random generators) only complete idiots would choose to get some "random" data everybody else can see, too.

  7. Jou (Mxyzptlk) Silver badge
    1. Bill Gray

      Re: The best RNG so far is

      Seems strange. Both "PRNGs" (_very_ "pseudo"!) just loop through a table of 256 values. The values are not evenly distributed. For example, 249 and 239 appear three times each; 245, 243, and 234 don't come up at all. It's about as non-random as a PRNG can get while still sort of looking like a PRNG. Were Donald Knuth dead, he'd be spinning in his grave.

      But for the purpose at hand of making a game _look_ random, it's actually Just Fine. It's a small, fast PRNG from an era when computational grunt was lacking. They probably could have cut the table size to 64 bytes and replaced "&0xff" with "&0x3f", saving 192 then-precious bytes of RAM, and still had the game "look" random.

      1. Rich 11 Silver badge

        Re: The best RNG so far is

        Were Donald Knuth dead, he'd be spinning in his grave.

        If it could be shown that he wouldn't be spinning evenly, we could use measurements of the perturbations around three axes to output a set of random numbers.

        1. Jimmy2Cows Silver badge

          Re: The best RNG so far is

          Though unless the spin is chaotic, his axial deviation could be predictable...

        2. Bill Gray

          Re: The best RNG so far is

          A while back, inspired by LavaRand, I put some D20s, D12s, and other random dice into a plastic jar and stuck it on the end of a slow (maybe one turn every second) motor, and pointed a Webcam at it. Predicting the resulting images would be equivalent to predicting how dice would land; I felt confident that any adversary capable of doing that would clean up at a casino and leave me alone.

      2. Scott 53

        Re: The best RNG so far is

        If every number appeared exactly the same number of times that would be less random, not more.

        1. Bill Gray

          Re: The best RNG so far is

          Any pseudo-random generator will have a finite cycle and will repeat. Best it can do is to have each value appear an equal number of times. You're right that this is a tip-off that the numbers are not truly random (not something you'll notice with a "modern" PRNG with a cycle length of 2^64 or 2^128 or even 2^19963). But having some numbers appear 3/256 of the time and some not at all is a still bigger tip-off.

          But you can do worse, and many of us probably have. Knuth, as I recall, described an early effort he made in his mis-spent youth which generated somewhat random-looking numbers for a while, and then got stuck in an endless cycle of three numbers. Hence his conclusion that "random numbers should not be generated by a method selected at random".

    2. Lee D Silver badge

      Re: The best RNG so far is

      Clearly they were either so pressed for every single instruction, or someone couldn't be bothered to read Numerical Recipes and code up even a basic one.

      This from the same brains that later used a wonderful mathematical optimisation (https://en.wikipedia.org/wiki/Fast_inverse_square_root) when they had buckets more processor power to use.

  8. Anonymous Coward
    Anonymous Coward

    Disclosure: The Register is a customer of Cloudflare.

    Indeed.

    Cloudflare complains and wants me to enable JavaScript when I try to view the Reg over the TOR browser.

    Also, it would be nice if NetFlix and YouTube would use this random entropy instead of suggesting videos I've already watched.

    1. Jamie Jones Silver badge

      Re: Disclosure: The Register is a customer of Cloudflare.

      Yes, I've had times where Cloudflare has effectivly blocked my access to El Reg.

      One other time, a simple edit to a post containing a few links presumably got flagged as spam, and it kept hitting me with the craptcha thing, with yellow buses and american fire hydrants, and so on.

      Additionally, when you say "boxes containing traffic lights", do you mean just the lights? the housing? the poles?

      I gave up after 3 failed attempts.

      It's not happened often, to be fair, but it's still annoying when it does.

  9. Sorry that handle is already taken. Silver badge

    What I want to know is why it isn't called Numberwang.

  10. Kevin McMurtrie Silver badge

    Small primes as a service

    http://pixelmemory.us/~mcmurtri/Primes.jsp?from=56&to=200

    Perfect for when you need to scramble some bits with a prime number you've pulled out of your SaaS. It's an ancient page and bots have crawled it up to the 2000168719th prime number, which seems to be 47059986679 (if the code works).

    Since I've got the primes, I might as well do LCMaaS.

    http://pixelmemory.us/~mcmurtri/LCM.jsp

    Any other silly self-hosted services out there?

    1. Anonymous Coward
      Anonymous Coward

      Re: Small primes as a service

      If you want smallish primes as a service, the best place to get them is straight from the ursine arsehole. Please allow me to introduce you to Alkulukuja Paskova Karhu, The Prime Number Shitting Bear: https://alpha61.com/primenumbershittingbear/

  11. K.o.R
    Go

    Huh, and there was me thinking the "lava lamp RNG" was just some bullshit they came up with for that one episode of NCIS: Los Angeles.

  12. Milton

    For testing?

    I assume, and the article stonrgly implies in its summing-up, that this will be used by some folks developing and testing systems that will require random, not PRNG, data. Well, that's fine. It seems we're all agreed that as a source for serious crypto¹ it is an absolute non-starter. Even a "private" stream couldn't guarantee either that the data remained unique to its users or that a MiM attack couldn't eavesdrop on it.

    And anyway, if you want real randoms for serious crypto, aren't you using at least a dongle, with some combination of Johnson noise, and/or a radioactive source, probably also with a "twitch your mouse like you're having a fit for 30 seconds" session to generate wildly random values? (Or even, whisper it, a cheap little antanna stuck out the window that feeds on RF, cosmic rays etc?)

    (Some folks with very long planning horizons, spooked by quantum computing—and possibly exaggerated visions of what's in the basement at Ft Meade—have already devoted considerable energy to punching out self-destructing one-time pads, and may be single-handedly keeping the world's airlines in profit as a legion of grumpy Borises flit about with thumb drives up their asses. They are generating quadruply-seeded random streams by the terabyte.)

    .

    ¹ "Serious crypto", as in "major consequences".

  13. Paul Uszak

    /dev/random ?

    For those lucky enough to use Linux, there's always /dev/random for information theoretic secure random numbers. That will get you 10's of kbits/hr simply using your machine, and 20's of kbits/hr using PornHub. And there's /dev/urandom for infinite amounts of cryptographically secure numbers. We need education, not a lava lamp service...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like