English subtitles

← 02-07 Sources Of Randomness

Get Embed Code
1 Language

Edit Subtitles
Download

Showing Revision 1 created 04/27/2012 by Amara Bot.

  1. Title:
    02-07 Sources Of Randomness
  2. Description:

  3. 0 0:00 - 0:04
    And Quantum Mechanics provides a notion of random events
  4. 4000 0:04 - 0:07
    --that there are events in the universe that are inherently random--
  5. 7000 0:07 - 0:11
    and we can count things like radioactive decay with a Geiger counter
  6. 11000 0:11 - 0:15
    and use that to generate randomness from physical events.
  7. 15000 0:15 - 0:20
    Thermal noise is an easier thing to measure in most circumstances.
  8. 20000 0:20 - 0:24
    If you can measure that precisely enough--it also depends on Quantum Mechanics--
  9. 24000 0:24 - 0:28
    at some level and produces randomness.
  10. 28000 0:28 - 0:31
    And many modern processors have a way of generating a small amount
  11. 31000 0:31 - 0:34
    of randomness by measuring thermal noise in the processor.
  12. 34000 0:34 - 0:37
    Whether it's really physically random depends on a lot of other things.
  13. 37000 0:37 - 0:41
    You can also look at things that actually happen, and think that
  14. 41000 0:41 - 0:46
    they are random. Maybe if they're key presses or user actions--
  15. 46000 0:46 - 0:50
    maybe those are random. An example of this is when we generate
  16. 50000 0:50 - 0:53
    a new key using GPG, it will ask you to generate
  17. 53000 0:53 - 0:57
    --when you start to generate a key--it says we need lots of random bytes
  18. 57000 0:57 - 1:02
    and you can perform some type of action like moving the mouse using the disc
  19. 62000 1:02 - 1:04
    to help generate more randomness for it.
  20. 64000 1:04 - 1:08
    And humans aren't good at doing random stuff
  21. 68000 1:08 - 1:12
    When we move the mouse, we're probably moving it in a pattern--
  22. 72000 1:12 - 1:15
    When we type on the keyboard, maybe we're doing things
  23. 75000 1:15 - 1:20
    that are not very random. So unless you're generating your randomness from
  24. 80000 1:20 - 1:24
    quantum physics, there's always some question whether it's really random enough.
  25. 84000 1:24 - 1:28
    Or whether you can predict the particular motions I took. And certainly
  26. 88000 1:28 - 1:32
    given that this has been recorded and released, the fake key that I generated
  27. 92000 1:32 - 1:37
    for Alyssa B. Hacker should not be used for any secure purpose.
  28. 97000 1:37 - 1:40
    So this approach of waiting for physically random events
  29. 100000 1:40 - 1:44
    is OK for GPG, maybe, because someone using it is
  30. 104000 1:44 - 1:47
    probably patient enough to sit around for a while, doing random stuff
  31. 107000 1:47 - 1:52
    as well as a human can to generate a key.
  32. 112000 1:52 - 1:56
    This would not work very well when you need more randomness
  33. 116000 1:56 - 1:59
    more quickly. And this happens every time you do a web transaction.
  34. 119000 1:59 - 2:02
    Every time someone does a secure web session,
  35. 122000 2:02 - 2:05
    any time you see the lock key in your browser,
  36. 125000 2:05 - 2:08
    there's a protocol going on called TLS. We'll talk about that more in a later unit.
  37. 128000 2:08 - 2:12
    But one thing that that requires is a new random key.
  38. 132000 2:12 - 2:14
    for each secure web session.
  39. 134000 2:14 - 2:18
    I don't think many people would tolerate being asked to move around their mouse
  40. 138000 2:18 - 2:22
    and do strange things to generate enough randomness in the hopes that
  41. 142000 2:22 - 2:25
    that key is secure every time you connect to a website.
  42. 145000 2:25 - 2:28
    So we need something better. We need a way to take a little bit
  43. 148000 2:28 - 2:32
    of physical randomness, and that's usually known as the seed--
  44. 152000 2:32 - 2:36
    that's the initial state, and that's the input to what's known
  45. 156000 2:36 - 2:40
    as a pseudo-random number generator. And that produces
  46. 160000 2:40 - 2:44
    a long sequence--that is longer than the amount of physical randomness
  47. 164000 2:44 - 2:47
    we started with--of random bits.
  48. 167000 2:47 - 2:53
    So that's our goal--to take a small amount of physical randomness
  49. 173000 2:53 - 2:56
    --some source of entropy that we can use as a seed--
  50. 176000 2:56 - 3:00
    have some function that will compute from that seed a long sequence
  51. 180000 3:00 -
    of apparently random bits.