Cryptographic Randomness from Air Turbulence in Disk Drives

A computer disk drive's motor speed varies slightly but irregularly, principally because of air turbulence inside the disk's enclosure. The unpredictability of turbulence is well understood mathematically; it reduces not to computational complexity, but to information losses. By timing disk accesses, a program can efficiently extract at least 100 independent, unbiased bits per minute, at no hardware cost. This paper has three parts: a mathematical argument tracing our RNG's randomness to a formal definition of turbulence's unpredictability, a novel use of the FFT as an unbiasing algorithm, and a "sanity check" data analysis.
