A nasty chap once said “You have nothing to fear if you have nothing to hide.” But in reality we all have something to hide, don’t we? Our privacy. And that hiding process begins with entropy. And it had better be really really random entropy. Public leaks have revealed that what once might have been considered truly random, ain’t necessarily so. Either by conspiracy or cock-up, true random number generators (TRNGs) may not be outputting entirely secure nor Kolmogorov random entropy.
This creates the following trust dilemma for everyone:-
Your objective: To keep your secrets, conversations and privacy safe using high quality one time pads (OTPs), strong cryptographic keys and initialization vectors (IVs). These will all be derived from Kolmogorov random entropy, on an information theoretic basis .
The problem: You can’t be 100% certain that entropy generated by any commercial TRNG is totally unpredictable. A), Computational indistinguishability means that it is mathematically improbable to distinguish a truly random sequence from a predictable (by someone) pseudo random sequence. And B), you typically can’t inspect nor audit the internal device/firmware .
Our solution: Build your own! Following three golden rules, we’ll show how you can make simple entropy sources using commonly available components like Zener diodes and cameras. Such as that which makes the live chart at the top ↑ of this page. These can then be the foundations of your own TRNGs, which you can rely on to not have been compromised by governments/agencies. Or to avoid being an unknowing victim of a cock-up. It’s quite easy .
We all remember what befell the Philistines when they tried to fight David and the Israelites. It was a stark demonstration of unabridged arrogance versus the power of faith. The modern day warfare, cryptography focused remake would look like this:-
What comes out of that small green screw connector can sometimes be just as powerful as that from a 120mm smoothbore. Have faith, and bask in the sure knowledge that even sabot rounds cannot penetrate a genuine OTP, drawn from your own trusted TRNG. And it’s entropy source can be built from just four simple components sat on a 9V battery. Thus flow one time pads and mathematically perfect privacy…