
It isn't quantum, but as far as I know https://www.random.org/ is sufficiently random for any purpose that I can think of for publicly verifiable random numbers.

(Most of the demand for random numbers, of course, comes from cryptography. In which case public verifiability of what the random thing was is the last thing that you want.)



How is random.org publicly verifiable? As far as I know, there's no way to prove that a certain set of numbers was produced by random.org at a certain time.

The public verifiability is the real "quantum" advance of this research; probably the title should say that. Of course, it's true that when you don't need public verifiability, your OS's entropy pool + PRNG is good enough for any currently known scenario.


The purpose of https://www.random.org/draws/ (which is unfortunately currently down) is to do exactly that.

Also it is possible for any group to agree that they will all sign messages at a given time about a given source, and stick them on a blockchain. This then becomes proof that this group all agreed on what was displayed, at that time. This becomes a kind of public verification of what was there.


For simple electronics circuits, reverse-biasing a transistor past its breakdown voltage will give you "noise" — an ADC will give you random values.

I don't know how statistically random it is — suspect it is quantum in nature though since we're dealing with transistors.

(EDIT: checked with ChatGPT, has a sense of humor: "Be careful not to exceed the maximum reverse voltage ratings, or you’ll get more “magic smoke” than white noise.")


Most any sensor attached to a real-world physical system can produce sufficient randomness. Put a vibration sensor on my clothes dryer, plug the output into an md5 hash, and voila. Or set up a webcam aimed at a tree blowing in a breeze. Or pour out some m&ms onto a table and photograph that. We don't need to go quantum when sufficiently random systems like turbulence exist in the macro world.


Insert ref about GitHub's lava lamps


https://web.archive.org/web/20010926211816/http://lavarand.o... 6 years prior to GitHub, and the claim is 1996 on that link there, which is 12 years prior to GitHub.

Not denigrating, just pointing out that the "idea" was around before then, and I can't remember where I first saw it.


I don't know about the age of this Cloudflare idea? Cloudflare's Lava Lamp Wall is running part of the Internet:

"Why does Cloudflare use lava lamps to help with encryption?":

https://www.cloudflare.com/learning/ssl/lava-lamp-encryption...


I might have been thinking of this


Thanks, I always associated it with GitHub (as having "done it first" but didn't really think to push further). I appreciate the correction, I like knowing the correct information.


I used software defined radios to make a few sets of one time pads with entropy. The randomness of proper SDR or even a webcam in a lightproof coffee can or something is demonstrable with any of the tools for "testing randomness"; sibling is correct, MEMS are notorious for "noise" and that noise is "random", one can use a GM tube to trigger interrupts and use the timing to get entropy.

I don't know how you'd prove something is truly random, though, just that it looks and acts "random" enough; fitness for use.


NIST has operated a public random beacon since at least 2013, and League of Entropy has operated a distributed beacon since 2019.

Public randomness does have uses in cryptography, crypto is not only secret keys.


Can you illuminate what uses public randomness has in cryptography?

If I think about it, I can come up with some. But they seem pretty niche relative to secret keys.


Some crypto algorithms need some random data in their construction. Typically "nothing up my sleeve" random numbers are used - digits of pi, sqrt(2), ...



