NIST is implementing a proof-of-concept prototype of a trusted public source of randomness. The prototype uses two independent commercially available sources of cryptographic randomness, each with an independent hardware entropy source and SP 800-90-approved deterministic components.
The source is designed to provide unpredictability, autonomy, and consistency. Unpredictability means that users cannot algorithmically predict bits before they are made available by the source. Autonomy means that the source is resistant to attempts by outside parties to alter the distribution of the random bits. Consistency means that a set of users can access the source in such a way that they are confident that they all receive the same random string.
Why is the Randomness Beacon Needed:
The theoretical community has developed many clever cryptographic security protocols over the years for access, authentication, privacy, and authorization in networking and e-commerce applications. However, except for the simplest and most basic protocols, few have been widely deployed. A major reason concerns efficiency. Many of the more sophisticated security protocols, such as zero knowledge proof systems, are highly interactive and require too many communication rounds to be feasible in most situations. Other privacy-preserving protocols eliminate the need for many rounds of communication but assume the availability of a trusted source of randomness, an assumption that is not generally valid at present.
In response, NIST is developing a prototype implementation for a Randomness Beacon that will broadcast full-entropy bit-strings. The beacon will post them in blocks of 512 bits every ∆T seconds, where ∆T is an adjustable parameter that can vary from one second to minutes. Each such value is sequence-numbered, time-stamped and signed, and includes the hash of the previous value to chain the sequence of values together and prevent even the source to retroactively change an output package without being detected. The beacon will keep all output packets and make them available online. The beacon's engine uses multiple input sources of entropy and the NIST team leveraged recent work done on tests to validate an entropy source.
Additional Technical Details:
NIST is currently implementing and enhancing the NIST Randomness Beacon. NIST will make the prototype available to promote research, development, and demonstration of cryptographic security protocols that assume the availability of a trusted source of randomness.
To ensure that the trusted source of randomness is seeded with a truly random value (which is not possible to obtain in any classical physical context), our team established collaboration with NIST physicists from the Physical Measurement Laboratory (PML), to generate a sequence of truly random values guaranteed by the laws of physics to be uncorrelated with anything in the Universe to be used as entropy source for the Beacon.
In August 2012, this project received a multi-year grant awarded by NIST's Innovations in Measurement Science (IMS) Program. IMS awards highly competitive programs designed to explore high-risk, leading-edge research concepts that anticipate future measurement and standards needs of industry and science. Our team will focus on replacing standard physical sources of entropy to the Beacon with a verifiable source using quantum physics (see http://www.nist.gov/pml/div684/random_numbers_bell_test.cfm).
Lead Organizational Unit:itl
Dr. Michaela Iorga