[clug] "League of Entropy" and 'drand' - anyone heard of it, using it?

Thu Aug 8 04:57:47 UTC 2019

I'm not quite seeing the point.

While the numbers are random, they are not secret. Using them in a
crypto system would be a very bad idea. Injecting "well known" values
into the Linux RNG would hardly make it more secure. [The point of
random numbers in a crypto system is that they cannot be guessed -
unlike these.]

Another purpose for such random numbers is for Monte Carlo simulations,
but there again, it would be a lot faster and more reliable to use a
call to the existing RNG.

That just leaves things which make random selections, such as
lotteries. However, they would still need to be audited if they were to
be trusted. If I were auditing such a system I would put a lot more
faith in a system call to get an RNG than making a call to some server
that might be subject to network attacks.

Brenton

On Thu, 2019-08-08 at 14:18 +1000, steve jenkin via linux wrote:
> This seems a big deal to me for some public, transparent and
> auditable processes - not just “Lotteries”.
> 
> With so many Linux boxes out there with the Intel CPU hardware RNG
> added into /dev/random,
> this could be very widely sourced and difficult to compromise.
> 
> 
> Anyone:
> 	Examined it?
> 	Using it?
> 	Running a node?
> 
> s
> 
> ===============
> 
> League of Entropy: Not All Heroes Wear Capes
> June 2019
> <https://new.blog.cloudflare.com/league-of-entropy/>
> 
> 
> The League of Entropy provides public randomness that any user can
> retrieve from leagueofentropy.com.
> <https://leagueofentropy.com/>
> Users will be able to view the 512-bit string value that is generated
> every 60 seconds. 
> Why 60 seconds? No particular reason. 
> Theoretically, the randomness generation can go as fast as the
> hardware allows, but it’s not necessary for most use cases. 
> Values generated every 60 seconds give users 1440 random values in
> one 24-hour period.
> 
> ===============
> 
> 
> Drand - A Distributed Randomness Beacon Daemon
> <https://github.com/dedis/drand>
> 
> Drand slideshow, 15 slides + notes.
> <
> https://docs.google.com/presentation/d/1t2ysit78w0lsySwVbQOyWcSDnYxdOBPzY7K2P9UE1Ac/edit#slide=id.p
> >
> 
> 
> Distributed, bias-resistant, unpredictable and publicly verifiable
> randomness
> Nicolas GAILLY, 2018
> 
> 
> ===============
> 
> League of Entropy
> <https://leagueofentropy.com/>
> 
> [redirects for me to Cloudfare]
> <https://www.cloudflare.com/leagueofentropy/>
> 
> At time of writing, “Index” is 92885.
> These seem to be stored and retreivable
> 
> 
> Randomness Retrieval and Verification
> 
> To retrieve and verify the latest random value using the experimental
> configuration, install Golang v1.11+, set your GOPATH, and execute:
> 
> go get -u github.com/dedis/drand 
> cd $GOPATH/src/github.com/dedis/drand 
> go build 
> ./drand get public deploy/190604/group.toml
> 
> 
> ===============
> 
> 
> --
> Steve Jenkin, IT Systems and Design 
> 0412 786 915 (+61 412 786 915)
> PO Box 38, Kippax ACT 2615, AUSTRALIA
> 
> mailto:sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
> 
> 
> 
> 