This content originally appeared on Level Up Coding - Medium and was authored by Henrique Centieiro
Cryptography Series I — Why are random numbers so, so, SO important?
Random numbers are probably the single most important thing in the world of cryptography. Without random numbers, cybersecurity couldn’t exist. Random numbers are the pillar of internet security and what allows us to transact securely on the internet. Every time we visit an HTTS website, we use random numbers. The S at the end of HTTPS stands for “Secure”, and it means the website’s data is encrypted at transit with TLS — Transport Layer Security — formerly known as SSL — Secure Sockets Layer. AND random numbers also help us to create Bitcoin addresses.
SSL uses an RNG — Random Number Generator — to create the keys to encrypt the data so that we can browse securely online visit websites, make online payments with your credit card and basically be secure online, reducing the possibility of having a hacker doing a “men in the middle attack”, i.e. having a person “listening” to your internet communications and stealing your information.
Okay, but random numbers are not only important to encrypt your data online! Random numbers are the most important thing when it comes to signing transactions in the blockchain! Random numbers creation allows us to create secure private keys — part of your key pair — that you use every time you send or receive some Bitcoin or crypto!
Why is it important to have a very much random source to create private keys? Well, because if it was not random enough, a hacker could guess what’s your private key and steal your Bitcoin!
Random numbers are also very important in cryptography. It may sound simple to generate a random number, but that’s not true. At all. If you ask me to generate a random two-digit random number, I may say 87. Was my selection random? Or was I influenced by my culture and personal experiences? My selection of 87 may not be so random. 8 is a lucky number in Chinese culture, and 7 is Cristiano Ronaldo’s number. Maybe the 87 pops up in my brain for these reasons.
In the same way, a computer also has a hard time generating random numbers. Not that computers care about local culture or soccer starts, but everything is defined in a computer. There’s no randomness in a computer code. Computers are deterministic, which means that they always produce the same output, given a certain initial state and input.
Cool fact on the importance of randomness: Germany lost World War II probably due to lack of randomness. The Enigma machine used by Nazi Germany to encrypt messages used in the war was cracked by the British Bombe, the machine developed by Alan Turing that exploited the Enigma machine’s lack of randomness. After that, the British allies were able to listen to the messages and eventually made the necessary moves to defeat Nazi Germany.
This is why we need to have special methods and ways to generate random numbers, which are important in cryptography. Random numbers are a cornerstone in cryptography because they allow the generation of unique keys. They also remove the reasoning and predictability of generating numbers, making it hard for an attacker to access the information. The attacker will have no way or mechanism to reason how those numbers were generated, making it harder to hack and discover how the cryptographic keys were created.
So, how can we produce completely random numbers? There are different methods to generate random numbers, like hardware devices that can generate fairly random numbers based on some random data used as a seed. This is also called a random seed, and it’s the data used to initialize a random number generation.
By the way, there’s a lot of philosophical discussion around whether it’s possible to generate truly random numbers, but I will not enter that. Let’s say there are ways to generate pretty random stuff out there!
Choosing a good random seed is essential for cryptography security. If the random seed is not random enough, let’s say the number 87, a hacker could easily discover the seed used to produce a pair of encryption keys. However, if the random seed has high entropy, it’s much harder or impossible for hackers to discover the seed. Let’s look at some example of high entropy random seed sources that can be generated:
- Linux kernel can generate entropy from keystroke timing and mouse movement. Some Open-Source projects allow seed data from audio and video sources
- Linux systems have the /dev/urandom pseudorandom number generator, which generates randomness from noise collected from the computer hard drives. You can try it out by typing cat /dev/urandom in your command-line interface. This random seed comes from noise and random actions that you perform you’re your computer which is very unique to each computer’s activity
- Windows uses different entropy sources such as motherboard data, CPU, interrupt timings, mouse movement and keystroke timing
- Hardware generated random seeds generated by CPU modules
- Sound randomly collected from the computer microphone
- Sensor measuring air turbulence inside the computer’s hard drive
- Cloudflare uses an image feed from 80 lava lamps as a seed source of randomness and entropy. Oh, here come our lava lamps!
- DNA sequencing data
- The motion of electrons in subatomic particles
- Light variations
- How bacteria grow and multiplicate
…and you could list more potential seeds for our random number, but the most important is that it can create a random product out of it. Of course, some of these random seeds are more convenient than others, and most of us don’t need to generate randomness from a group of 80 lava lamps.
When it comes to creating a new Bitcoin wallet, most people rely on whatever their Bitcoin wallet application provides. Usually, these mobile Bitcoin wallets have some kind of PRNG — pseudo-random-number generators — to great the wallet private keys. However, some people don’t trust these wallets enough. They prefer to create their own random seed. There are different methods to create your own random seed, but you can, for example, play around with a Bitcoin paper wallet creation where you input the randomness yourself. NOTE that a per wallet also has some disadvantages, and it’s not the most user-friendly thing to use. IF you plan to use a pepper wallet, make SURE you learn how to fund and withdraw from your wallet before sending your millions to it!!
As you can see, generating random numbers is extremely important for all cryptographic activities, and computers can use multiple PRNG — pseudo-random-number generators — to generate fairly random numbers. I say fairly random and not 100% random because achieving 100% randomness is almost impossible to achieve. Or it is? What do you think??
In the next article, I will talk about prime numbers. Prime numbers are the second ingredient right after random numbers when it comes to cooking private keys for blockchain transaction signing, encryption and many other cryptography applications! Let’s get into it!!!
? Follow me, and please also check my ? blockchain courses:
? The First Ever Dogecoin Course
?? Fintech, Cloud and Cybersecurity Course
?? Unblockchain Course — The Brain-Friendly Blockchain Course
Random Numbers: the single most important thing in blockchain! was originally published in Level Up Coding on Medium, where people are continuing the conversation by highlighting and responding to this story.
This content originally appeared on Level Up Coding - Medium and was authored by Henrique Centieiro
Henrique Centieiro | Sciencx (2021-06-12T13:37:54+00:00) Random Numbers: the single most important thing in blockchain!. Retrieved from https://www.scien.cx/2021/06/12/random-numbers-the-single-most-important-thing-in-blockchain/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.