Things like these are absolutely idiotic. Every single computer, be it a laptop or desktop or a phone, are able to produce randomness. Why in the hell would you trust a random website?
Because, firstly, this is a university, not some rando self-hosting, and secondly, you can't generate randomness from any classical computer, only pseudorandomness [0]. This means that a dedicated adversary can potentially work out what the outcome will be. For something like the use cases they mention - jury selection, lottery, etc. - you want actual randomness.
Often, randomness is thought of as something you want to keep hidden, such as when generating passwords or cryptographic keys. However, there are many applications where an independent and public source of randomness is useful. For example, randomizing public audits, selecting candidates for jury duty, or fairly assigning resources through a lottery.
Sometimes you need publicly verifiable randomness, and then your own hardware (which you might or might not even trust privately, depending on how much you trust your vendors) isn’t much help.
If you still think that's idiotic, I'm happy to bet against you in an unbiased* coin flip simulated on my machine which you unfortunately can't inspect :)
There are good uses for block-chain like things, even beyond sprinking in a mention to help raise grant funding, but the headline-grabbers have generally not been those...
Ah, another randomness beacon! Although I wish it used the same API as NIST's beacon, either the v1 or v2 API.
NIST v2: https://csrc.nist.gov/projects/interoperable-randomness-beac...
NIST v2: https://csrc.nist.gov/projects/interoperable-randomness-beac...
Interestingly NIST also has a large campus in Boulder. Maybe Boulder is the epi-center of randomness??
Then one could dynamically and randomly choose which randomness beacon to use! I like it.
Ideally you’d use all of them by mixing their outputs together.
Skobuffs!
The beacon to be guarded at all times by Ralphie??
laughs in Brazilian
Things like these are absolutely idiotic. Every single computer, be it a laptop or desktop or a phone, are able to produce randomness. Why in the hell would you trust a random website?
Because, firstly, this is a university, not some rando self-hosting, and secondly, you can't generate randomness from any classical computer, only pseudorandomness [0]. This means that a dedicated adversary can potentially work out what the outcome will be. For something like the use cases they mention - jury selection, lottery, etc. - you want actual randomness.
[0] - https://en.wikipedia.org/wiki/Pseudorandomness
> […] you can't generate randomness from any classical computer, only pseudorandomness [0].
Back in 1999 Intel used amplified thermal noise from analog circuits on their chips to generate randomness:
* PDF: https://web.archive.org/web/20100714102630/https://www.crypt...
This was further refined and in 2011 they published how RdRand (formerly "Bull Mountain") works:
* https://spectrum.ieee.org/behind-intels-new-randomnumber-gen...
* https://en.wikipedia.org/wiki/RDRAND
* PDF: https://www.intel.com/content/dam/develop/external/us/en/doc...
So classical computers can generate randomness if you have the right circuits for it.
> So classical computers can generate randomness if you have the right circuits for it.
That is by definition not a classical computer. It's not a quantum computer, but it's probabilistic in a limited sense.
From tfa:
Often, randomness is thought of as something you want to keep hidden, such as when generating passwords or cryptographic keys. However, there are many applications where an independent and public source of randomness is useful. For example, randomizing public audits, selecting candidates for jury duty, or fairly assigning resources through a lottery.
Sometimes you need publicly verifiable randomness, and then your own hardware (which you might or might not even trust privately, depending on how much you trust your vendors) isn’t much help.
If you still think that's idiotic, I'm happy to bet against you in an unbiased* coin flip simulated on my machine which you unfortunately can't inspect :)
A use case for a blockchain?
There are good uses for block-chain like things, even beyond sprinking in a mention to help raise grant funding, but the headline-grabbers have generally not been those...
It must be since they use a blockchain for this to decentralized and verify the timestamps.