For every field of use or specific usage listed for PUDEC, random number generation is a serious issue, and a possible source of serious difficulties if not done properly (many PUDEC usages would be categorized as fail safe, meaning that a random number generation failure is better handled by an immediate operational termination with minimized consequences than with a degraded operational mode).
The cryptographic servers represent the most demanding field of use. This subject matter has been studied in depth by the two US government agencies, NIST and NSA (see this summary). The CONNOTECH R&D efforts in the IT security area led to the same understanding as reported by these US government agencies.
If a single word could summarize those requirements, it is assurance and more specifically assurance about any influence on the random draw fairness and, in some of the use cases, about eavesdroping.
The PUDEC dice set is unique because it features self-evident entropy characteristics, something not present in any of the alternatives investigated so far.
The CONNOTECH Software Advantage
The PUDEC dice set is offered as a simple but specialized office accessory; its integration in a random number generation scheme filling the requirements is a matter of proper procedures and software integration. CONNOTECH makes technical disclosures and commercial offers addressing procedural and software integration aspects.
The critical software support functions, namely the digitalization and conditioning algorithms covered in this document about the algorithmic aspects, which is advanced with a high assurance development process.
Open source software (GPLv3 licensing) is contributed for the PUDEC usage described as sortition and other ceremonial random draws. This also provides a basis for peer review of the first PUDEC scheme implementation.
Software licenses are offered to integrators for the software support functions.
Set of 36 Dice with Face Numbers Replaced by Unique Bar Code Labels
The PUDEC dice set allows random data input to computer systems with high assurance of fairness or excellent statistical properties, which is also referred to as entropy. Here are the steps of the overall process (more details and exemplary procedural guidelines in a plain descriptive document):
Procure a) the PUDEC dice setA picture of the PUDEC dice set package should come here., b) a bar code reader (the two-dimensional bar code reading capability is used, it is readily available in low-cost bar code reader units), and c) a computer system application ready to input and process the PUDEC outcome sampling data.
With the barcode reader connected physically to the computer system and logically to the computer application, scan the dice outcomeA picture of the PUDEC dice alignment should come here. following procedural guidelines suited to the field of use.
If the field of use requires secrecy protection for the random numbers, shuffle the dice again for to obliterate the discrete outcome.
Software Aspects
Since the PUDEC dice set is new, the computer software application that can benefit must be upgraded or developed. Fortunately, a first such application is available with source code fully disclosed as open source that can be downloaded here.
In this software development perspective, here is the breakdown into software project elements.
The bar code reader interface, typically easy to install and use with technical documentation supplied by the bar code reader manufacturer.
The core algorithm is made of two parts, the digitalization algorithm, analogous to the software logic for converting a measurement instrument raw reading to a known physical unit of measure, and the conditioning algorithm which turns digitized PUDEC discrete outcomes into fair random bits (both are covered in fuller details in a document about the algorithmic aspects).
The system or application control of the dice outcome scanning session, referring mainly to the need to start the scanning session whenever appropriate and to provide a channel for session operator feedback.
The application use of the truly random numbers, which is often the seeding of a pseudo-random number generator.
PUDEC
Practical
Use of
Dice for
Entropy
Collection
Ready to Buy?
The PUDEC dice set is a niche product and very new. CONNOTECH is committed to make it available and is ready to ship to any place, from stock or production runs that can be scheduled on short notice. The introductory price $289 (US currency), or $299 Canadian currency for shipment in Canada. Please contact us to make ordering and shipment arrangements.
Fields of Use
Which type of systems or applications may need this?
Highly secure server systems, notably cryptographic key management servers, because they critically rely on truly random secret number generation for their ultimate security.
Lotery and gaming systems, which can be fair for everyone and robust against future draw prediction attacks only if their RNG (Random Number Generator) is properly seeded.
Large stochastic simulation projects, which would benefit from an unquestionably fair method of seeding their PRNG (Pseudo Random Number Generator) algorithms. (If a large effort is to be devoted to get simulation results, why not use a perfect PRNG seeding methodology if it is available?)
These three fields of application share common requirements (except for secrecy which is a non-goal for the third field).
Specialized Usages
While the PUDEC scheme statistical properties and entropy characteristics are self-evident, this comes with the limitation that dice shuffling does not provide truly random numbers on a continuous basis. In each of the above fields, this is taken care by pseudo-random algorithms that are already well understood.
Some special use of random draws may be assisted to varying degrees by the PUDEC scheme.
Sortition and other ceremonial random drawsalready benefits from the PUDEC self-evident fairness and deterministic software support functions. Sortition refers to election of representatives or allotment of privileges within a group based on a random draw. Other ceremonial random draws include sweepstakes and legal partitioning.
In the field of public key cryptography, the one-time selection of shared public parameters for discrete log cryptosystems suffers from a trust deficiency unless the selection session is seeded with a random draw that nobody, even working for the NSA, can influence. This specialized field of use finds analogy with stochastic simulations (repeatability with a given random draw) and sortition (trust through public witnesses).
Sorry, no particular attention is paid to numerology (a form of esoterism) as a possible field of use for the PUDEC random outcome.
Extreme risk aversion or paranoia as an IT client motivation could in theory be addressed by the PUDEC scheme (by removing any suspicion of outside influence on local selection of secret random numbers). However, any logical analysis of the IT client risk exposure would inevitably antagonize such IT client motivations. Promoting the PUDEC scheme in this perspective would thus require an exageration of its potential, which is not a reasonable course of action for the PUDEC promoter.