Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: freeandfreezing
If you made a 32 digit number out of the last digit of the times between the last 32 keystrokes that the user typed in it would be a pretty good random number.

Actually, you probably won't.

On the other hand, if you have an 8-byte buffer, and every time a user types a keystroke you XOR the lower word of that buffer with a high-resolution keystroke timer and then DES-encrypt the buffer with some arbitrary key, then after a thousand keystrokes or so the buffer will probably be, for all practical purposes, random. If not after one thousand keystrokes, then almost certainly after 10,000.

Individual keystroke timing by have a strong correlation bias with regard to earlier keystroke, but DES-encrypting after each keystroke will allow each keystroke to affect the results independently; the amount of entropy will thus continue to increase asymptotically toward pure randomness. What's tough is knowing when enough randomness has been injected into a system for it to safely be called "random".

34 posted on 05/25/2008 6:16:53 PM PDT by supercat
[ Post Reply | Private Reply | To 32 | View Replies ]


To: supercat
As I noted in my disclaimer, my example was intended to illustrate the principle, not propose an actual algorithm.

That said, if you have a system which allows actual measurement of the times of human input events at high enough resolution, then you can always choose a timing interval short enough so that some number of bits of the timing result (the number depends on resolution of the timer) are uncorrelated to the human's response time, and therefor generate a random number.

Practical issues of how actual computer input device interfaces work make this technique not as useful as other techniques, like the ones you outlined, but, for example if you set up a high speed oscillator and a counter, and count the number of nanoseconds between two keystrokes or button presses by a user, you'll see plenty of correlation in the millisecond range, but very little to none in the micro and nanosecond range.

36 posted on 05/25/2008 6:34:00 PM PDT by freeandfreezing
[ Post Reply | Private Reply | To 34 | View Replies ]

Free Republic
Browse · Search
News/Activism
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson