ROB SEWARD   ::   WORKS   BIO   CONTACT   BLOG



Z1FFER. 2013-2016.


Project website: openrandom.org

Z1FFER is an open source hardware random number generator.

Cryptography depends on high-quality random numbers that originate from a truly random source. When you go to your bank's website, for example, your computer must automatically generate a random "password" (known as a key) in order to create an encrypted connection with the bank. Your computer could generate this key using an algorithm alone, but the problem with this approach is that if someone knows the algorithm, they can theoretically predict the key and crack the encryption between you and your bank. Therefore many computers have a hardware random number generator that uses a natural source of entropy to generate irreproducible randomness.

However, the Snowden documents revealed that the NSA actively works to insert vulnerabilities into commercial encryption systems, and one way of undermining encryption systems is to tamper with their random number generation. In 2005 the NSA published a random number generating algorithm with the recommendation that people use it in their systems. Later, security researchers revealed the NSA method allowed for the existence of a secret key, which, if known, would allow them to predict the output of the algorithm, which would in turn allow the NSA to break any encryption using their recommended algorithm. [source]

Additionally, there is a long list of catastrophic security breaches that were due to malfunctioning (or inadequate, or compromised) random number generators [link, link, link, link].

Therefore, there is a strong need for open source random number generators that rely on truly random physical phenomena instead of deterministic algorithms. Z1FFER is my attempt to provide such devices. They can be purchased at openrandom.org.