IRC Random Number Generator

A year ago while I was reading Applied Cryptography I got an idea for using IRC as a random number generator. The book mentioned using a rolling car wheel to generate random numbers, by measuring its period. So why not IRC? Grab the code,

git clone git://github.com/skeeto/ircrng.git

It's based entirely on event timing: it logs in and sits on several channels, then measures the time between events. When a new event occurs it compares the time passed between this event and the last event, and the time between the two events before it. If it's greater, emit a 1, if less emit a 0. Simple.

For skew removal I used transition mappings (rfc1750), invented by von Neumann. It looks at pairs of bits. If they differ, pass the first bit, otherwise toss both bits. So if it comes across "11" or "00", it tosses them. If it comes across "10" it emits "1", and "01" it emits 0.

Here's an analysis by ent of 476 output bytes I generated overnight: irc.random.bytes.

Entropy = 7.515132 bits per byte.

Optimum compression would reduce the size
of this 476 byte file by 6 percent.

Chi square distribution for 476 samples is 274.79, and randomly
would exceed this value 25.00 percent of the times.

Arithmetic mean value of data bytes is 127.7248 (127.5 = random).
Monte Carlo value for Pi is 2.886075949 (error 8.13 percent).
Serial correlation coefficient is -0.062745 (totally uncorrelated = 0.0).

Eh, not awful, but not too great. It got a good score on the Chi-square test, which I attribute to the skew filter. This generator is also extremely slow, generating only a few bytes per hour. At best, each event only generates a half of a bit, after skew correction. It would probably be more profitable to take the hash of the actual event with a timestamp and use that as the RNG.

Also, someone else running this generator on the same channels would generate very similar numbers. Worse, someone eavesdropping on your network connection knows mostly what numbers you generated. Worse yet, someone actively modifying your connection could control your generator and force whatever output is desired.

So overall, I would say it's not very useful.

Have a comment on this article? Start a discussion in my public inbox by sending an email to ~skeeto/public-inbox@lists.sr.ht [mailing list etiquette] , or see existing discussions.

This post has archived comments.

null program

Chris Wellons

wellons@nullprogram.com (PGP)
~skeeto/public-inbox@lists.sr.ht (view)