Skip to main content
Information Security

Return to Answer

grr more typos. shouldn't type in a dim room.
Source Link
LateralFractal
LateralFractal
  • 5.3k
  • 21
  • 41

Would taking a photo using a smartphone and using the RAW file's bytes count as a good way to get a large random number quickly?

In and of itself, no. Digital cameras are designed to capture signal rather than noise, so both the dynamic range and palette compression are designed to fit optimal human vision; not uniform noise distribution. While a RAW file image is a good idea, it will need to bypass the camera's firmware as the firmware "helps" by doing a lot of this image optimisation on the chip - the data fed into the operating system might have already been optimised and cleansed according to various criteria.

But if you can directly use the CCD sensor and tune it for maximum noise (and minimum signal) within a lightless container - a decent noise source can be created.

Holder could recognise by sight, and yet could also deny was a key?

Sadly no, unless the key isn't the whole image but instead a steganographic data stream embedded within the image - as a random image will look, well, random. Which would raise questions in itself for a suspicious attacker.

More sensitive cameras ... would this be one way to protect against intentional flaws being introduced?

There are three different things to consider with "more sensitive" cameras and market forces:

  1. For customers this means more megapixels; which is an improvement in the bandwidth of the sensor but says nothing about its inherent entropy (or signal-to-noise ratio).
  2. For customers "more sensitive" can mean more responsive to varying light conditions. This means more image processing with the intent of reducing sensor noise and artefacts.
  3. People and hence market forces tend not to be aware of how good humans are at matching patterns and how bad humans are at detecting random noise.
  • I could manipulate the values of pixel integers in a way that would almost completely subvert their use as a cryptographic random number source without it being apparent to the user's eye. For example, consider a greyscale image of 10x10 pixels with range of 256 values. I could halve or worse (I don't recall the exact maths) the level of entropy by simply rounding each pixel value to the nearest even value. The human eye wouldn't be able to detect such minute differences.

Further thoughts

The public could certainly benefit from a TRNG application for a mobile phone. Mobile phones have a wide variety of useful peripherals for noise collection. The limitation is whether these sources are accessible at a low level of abstraction.

Proving that a analog source is random is rather difficult; an analog source processed by an inherently digital mechanism even more so. Each camera chip might be subtly different (even on a iPhone monoculture), so a TRNG application would have to have these complex statistical metrics built-in so it can "tune" for each phone.

There is an understandable antagonism toward "rolling your own crypto" and creating a RNG is similar; but if no published well-vetted solution exists for the specific problem domain, then one open-source application is as good as another for starting the peer review process.

Would taking a photo using a smartphone and using the RAW file's bytes count as a good way to get a large random number quickly?

In and of itself, no. Digital cameras are designed to capture signal rather than noise, so both the dynamic range and palette compression are designed to fit optimal human vision; not uniform noise distribution. While a RAW file image is a good idea, it will need to bypass the camera's firmware as the firmware "helps" by doing a lot of this image optimisation on the chip - the data fed into the operating system might have already been optimised and cleansed according various criteria.

But if you can directly use the CCD sensor and tune it for maximum noise (and minimum signal) within a lightless container - a decent noise source can be created.

Holder could recognise by sight, and yet could also deny was a key?

Sadly no, unless the key isn't the whole image but instead a steganographic data stream embedded within the image - as a random image will look, well, random. Which would raise questions in itself for a suspicious attacker.

More sensitive cameras ... would this be one way to protect against intentional flaws being introduced?

There are three different things to consider with "more sensitive" cameras and market forces:

  1. For customers this means more megapixels; which is an improvement in the bandwidth of the sensor but says nothing about its inherent entropy (or signal-to-noise ratio).
  2. For customers "more sensitive" can mean more responsive to varying light conditions. This means more image processing with the intent of reducing sensor noise and artefacts.
  3. People and hence market forces tend not to be aware of how good humans are at matching patterns and how bad humans are at detecting random noise.
  • I could manipulate the values of pixel integers in a way that would almost completely subvert their use as a cryptographic random number source without it being apparent to the user's eye. For example, consider a greyscale image of 10x10 pixels with range of 256 values. I could halve or worse (I don't recall the exact maths) the level of entropy by simply rounding each pixel value to the nearest even value. The human eye wouldn't be able to detect such minute differences.

Further thoughts

The public could certainly benefit from a TRNG application for a mobile phone. Mobile phones have a wide variety of useful peripherals for noise collection. The limitation is whether these sources are accessible at a low level of abstraction.

Proving that a analog source is random is rather difficult; an analog source processed by an inherently digital mechanism even more so. Each camera chip might be subtly different (even on a iPhone monoculture), so a TRNG application would to have these complex statistical metrics built-in so it can "tune" for each phone.

There is an understandable antagonism toward "rolling your own crypto" and creating a RNG is similar; but if no published well-vetted solution exists for the specific problem domain, then one open-source application is as good another for starting the peer review process.

Would taking a photo using a smartphone and using the RAW file's bytes count as a good way to get a large random number quickly?

In and of itself, no. Digital cameras are designed to capture signal rather than noise, so both the dynamic range and palette compression are designed to fit optimal human vision; not uniform noise distribution. While a RAW file image is a good idea, it will need to bypass the camera's firmware as the firmware "helps" by doing a lot of this image optimisation on the chip - the data fed into the operating system might have already been optimised and cleansed according to various criteria.

But if you can directly use the CCD sensor and tune it for maximum noise (and minimum signal) within a lightless container - a decent noise source can be created.

Holder could recognise by sight, and yet could also deny was a key?

Sadly no, unless the key isn't the whole image but instead a steganographic data stream embedded within the image - as a random image will look, well, random. Which would raise questions in itself for a suspicious attacker.

More sensitive cameras ... would this be one way to protect against intentional flaws being introduced?

There are three different things to consider with "more sensitive" cameras and market forces:

  1. For customers this means more megapixels; which is an improvement in the bandwidth of the sensor but says nothing about its inherent entropy (or signal-to-noise ratio).
  2. For customers "more sensitive" can mean more responsive to varying light conditions. This means more image processing with the intent of reducing sensor noise and artefacts.
  3. People and hence market forces tend not to be aware of how good humans are at matching patterns and how bad humans are at detecting random noise.
  • I could manipulate the values of pixel integers in a way that would almost completely subvert their use as a cryptographic random number source without it being apparent to the user's eye. For example, consider a greyscale image of 10x10 pixels with range of 256 values. I could halve or worse (I don't recall the exact maths) the level of entropy by simply rounding each pixel value to the nearest even value. The human eye wouldn't be able to detect such minute differences.

Further thoughts

The public could certainly benefit from a TRNG application for a mobile phone. Mobile phones have a wide variety of useful peripherals for noise collection. The limitation is whether these sources are accessible at a low level of abstraction.

Proving that a analog source is random is rather difficult; an analog source processed by an inherently digital mechanism even more so. Each camera chip might be subtly different (even on a iPhone monoculture), so a TRNG application would have to have these complex statistical metrics built-in so it can "tune" for each phone.

There is an understandable antagonism toward "rolling your own crypto" and creating a RNG is similar; but if no published well-vetted solution exists for the specific problem domain, then one open-source application is as good as another for starting the peer review process.

Source Link
LateralFractal
LateralFractal
  • 5.3k
  • 21
  • 41

Would taking a photo using a smartphone and using the RAW file's bytes count as a good way to get a large random number quickly?

In and of itself, no. Digital cameras are designed to capture signal rather than noise, so both the dynamic range and palette compression are designed to fit optimal human vision; not uniform noise distribution. While a RAW file image is a good idea, it will need to bypass the camera's firmware as the firmware "helps" by doing a lot of this image optimisation on the chip - the data fed into the operating system might have already been optimised and cleansed according various criteria.

But if you can directly use the CCD sensor and tune it for maximum noise (and minimum signal) within a lightless container - a decent noise source can be created.

Holder could recognise by sight, and yet could also deny was a key?

Sadly no, unless the key isn't the whole image but instead a steganographic data stream embedded within the image - as a random image will look, well, random. Which would raise questions in itself for a suspicious attacker.

More sensitive cameras ... would this be one way to protect against intentional flaws being introduced?

There are three different things to consider with "more sensitive" cameras and market forces:

  1. For customers this means more megapixels; which is an improvement in the bandwidth of the sensor but says nothing about its inherent entropy (or signal-to-noise ratio).
  2. For customers "more sensitive" can mean more responsive to varying light conditions. This means more image processing with the intent of reducing sensor noise and artefacts.
  3. People and hence market forces tend not to be aware of how good humans are at matching patterns and how bad humans are at detecting random noise.
  • I could manipulate the values of pixel integers in a way that would almost completely subvert their use as a cryptographic random number source without it being apparent to the user's eye. For example, consider a greyscale image of 10x10 pixels with range of 256 values. I could halve or worse (I don't recall the exact maths) the level of entropy by simply rounding each pixel value to the nearest even value. The human eye wouldn't be able to detect such minute differences.

Further thoughts

The public could certainly benefit from a TRNG application for a mobile phone. Mobile phones have a wide variety of useful peripherals for noise collection. The limitation is whether these sources are accessible at a low level of abstraction.

Proving that a analog source is random is rather difficult; an analog source processed by an inherently digital mechanism even more so. Each camera chip might be subtly different (even on a iPhone monoculture), so a TRNG application would to have these complex statistical metrics built-in so it can "tune" for each phone.

There is an understandable antagonism toward "rolling your own crypto" and creating a RNG is similar; but if no published well-vetted solution exists for the specific problem domain, then one open-source application is as good another for starting the peer review process.