Cryptography is fundamentally based upon the idea that information modified in a random or pseudo-random fashion is difficult, if not impossible, to decipher without knowledge of the random pattern used for the modification. Thus, modern systems of encryption generally use a formula to generate pseudo-random numbers which are used when modifying the underlying information. The generated pseudo-random numbers can be reproduced using a seed or key as input to the formula. In most cases, this type of system can only be defeated with massive computing power. This stands in contrast to the virtually total security that truly random numbers provide. Therefore, the ability to generate a truly random number is central to a system of encryption that is virtually impregnable to a massive computing attack.
Random Block Security
Random Block Security (RBS) is a system of encryption in which a block of random numbers, equal in size to the data to be encrypted, is combined with that data. Since each byte of data is modified randomly, the resulting ciphertext is entirely secure and cannot be decrypted by any method. This form of encryption was traditionally referred to as “the one-time pad,” and was often used in espionage for highly sensitive encryptions. RBS, however, may require massive amounts of random data to encrypt even small amounts of underlying information, and therefore RBS is not practical for many applications. RBS remains valuable for the delivery of smaller bursts of information of a highly sensitive and covert nature.
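The following is an added illustration of the RBS/one-time-pad construction described above; it is not code from the patent. It assumes that the random block is combined with the data by XOR (the usual realization of a one-time pad), uses the operating system's CSPRNG as a stand-in for the true random source the text calls for, and enforces the two properties the text's security claim rests on: the pad is exactly as long as the data, and it is consumed only once.

```python
import secrets


def generate_pad(length: int) -> bytes:
    """Fetch `length` random bytes. secrets.token_bytes stands in for the true
    random source the text calls for; it is the OS CSPRNG, not a physical device."""
    return secrets.token_bytes(length)


def otp_xor(data: bytes, pad: bytes) -> bytes:
    """Combine data with a pad of exactly the same length. XOR is its own inverse,
    so the same function encrypts and decrypts."""
    if len(pad) != len(data):
        raise ValueError(f"pad must be exactly {len(data)} bytes, got {len(pad)}")
    return bytes(d ^ p for d, p in zip(data, pad))


class OneTimePad:
    """Holds one pad and enforces that it is consumed at most once."""

    def __init__(self, pad: bytes) -> None:
        self._pad = pad
        self._used = False

    def encrypt(self, plaintext: bytes) -> bytes:
        if self._used:
            raise RuntimeError("pad already consumed")
        self._used = True
        return otp_xor(plaintext, self._pad)


def pad_reuse_residue(c1: bytes, c2: bytes) -> bytes:
    """What an observer sees if two messages share a pad: c1 XOR c2 == p1 XOR p2.
    The pad cancels and the relationship between the plaintexts is exposed, which
    is why the pad must be as long as the data and never reused."""
    return otp_xor(c1, c2)


if __name__ == "__main__":
    message = b"constructed sample message"  # constructed input, not from the page
    pad = generate_pad(len(message))
    ciphertext = OneTimePad(pad).encrypt(message)
    assert otp_xor(ciphertext, pad) == message
    print(ciphertext.hex())
```

The length check and the single-use guard are the whole of the security argument: a pad shorter than the data, or used twice, is no longer a one-time pad, and `pad_reuse_residue` shows the quantity that leaks in the second case.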
Random Numbers
The production of truly random numbers is not as simple as it might initially seem, as it requires the isolation of a truly random event. While events may often initially appear to be random, they are usually influenced by biasing forces that create discernible patterns within the resulting observations. For example, the rolling of dice may be highly influenced by the uneven weight of the manufacture of the dice blocks themselves, not to mention the hand movement and orientation of release. Viewing these biases as a whole creates an observable, and thus predictable, pattern over a large number of observations.
One attempt at creating a true random number is described in U.S. Pat. No. 3,688,090 granted Aug. 29, 1972 to Bayard Rankin (hereinafter the “'090 patent”). The '090 patent describes a method of producing a random number through isolation of unpredictable events relating to human patterns of physical movement. By designing a device that required a human operator, it was possible to divide the results of the operation between machine operation and random human error operation. The isolated human error is augmented by feeding the result into subsequent operations that result in additional random human errors. After a sufficient number of errors have been compounded, the resulting value is a discrete and observable number that is truly random. However, this method is severely limited in that it requires human interaction. Since the '090 patent issued in 1972, significant strides have been made in the development of technology such that the need for stronger encryption methods is greater now than ever.
IP Networking
Two of the most important communication protocols used on the Internet and other similar networks are the Transmission Control Protocol (TCP) and the Internet Protocol (IP). Together, the TCP and IP protocols form core protocols of the larger Internet protocol suite used on packet-switched networks. That protocol suite is commonly referred to as the TCP/IP protocol because of the widespread adoption and implementation of the TCP and IP protocols.
The TCP/IP protocol was developed for the United States Advanced Research Projects Agency (ARPA). The TCP/IP protocol is a set of rules that enable different types of network-enabled or networked devices to communicate with each other. Those network devices communicate by using the TCP/IP standard, or format, to transfer or share data. TCP/IP rules are established and maintained by the Internet Engineering Task Force (IETF). The IETF is an international community of network designers, operators, vendors, and researchers concerned with the Internet's architecture and operation. The IETF's mission is to produce technical and engineering documents that influence the way people design, use and manage the Internet with the goal of improving its operations and efficiencies. These documents include protocol standards, best current practices and information updates of various kinds, and are commonly referred to as Request for Comments (RFC).
TCP can be used to establish a bi-directional connection between two clients wherein activity begins with a request for information made by one client to another client. A “client” may be any program or application that initiates requests for or sends information from one remote location to another. As used herein, the term “client” may refer to such applications including, but not limited to, web browsers, web servers, file transfer protocol (FTP) programs, electronic mail programs, line printer (LPR) programs also known as print emulators, mobile phone apps, and telnet programs also known as terminal emulators, all of which operate conceptually in an application layer.
TCP software accepts requests and data streams directly from clients and other daemons, sequentially numbering the bytes, or octets, in the stream during the time the connection is active. When required, it breaks the data stream into smaller pieces called segments (sometimes referred to as datagrams or packets generally) for transmission to a requesting client. The protocol calls for the use of checksums, sequence numbers, timestamps, time-out counters and retransmission algorithms to ensure reliable data transmission. [RFC 793, 1981]
The IP layer actually performs the communication function between two networked hosts. The IP software receives data segments from the TCP layer, ensures that the segment is sized properly to meet the requirements of the transmission path and physical adapters (such as Ethernets and CTCs). IP changes the segment size if necessary by breaking it down into smaller IP datagrams, and transmits the data to the physical network interface or layer of the host. [RFC 791, 1981]
What is needed in the art is a better way to create random numbers without the use of human operation. The present invention is a system and method for creating random numbers without the use of human operation.
In exemplary embodiments, random numbers are generated by measuring transmission turn-around time, or other unpredictable network events, within an IP network. A truly random number may be derived by isolating the difference between the expected network behavior and that which is due to random error. The propagators of random behavior may be, for example without limitation, electrical interference, network congestion, and other such unpredictable network interactions.
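The following added example is not code from the patent; it illustrates both the bias problem raised in the Random Numbers section (a loaded die that becomes visible over many observations) and the extraction idea described in this section (separating expected network behavior from the unpredictable residual). The "expected" behavior is modelled as a moving average of recent round-trip times, the unpredictable part is taken as the least-significant bit of the residual, and the result is debiased and hashed before use; the moving-average model, the LSB choice, the round-trip-time sample (generated from a seeded PRNG, not measured traffic) and the acceptance thresholds are all assumptions of this example, not the patent's method.

```python
import hashlib
import math
import random

# Constructed round-trip-time sample in microseconds (seeded PRNG, not measured
# traffic): a ~1200 us baseline with small Gaussian jitter and occasional spikes
# standing in for congestion or interference.
_gen = random.Random(2024)
SAMPLE_RTT_US = [
    round(1200 + _gen.gauss(0, 6) + _gen.choice([0, 0, 0, 0, 0, 0, 0, 45]))
    for _ in range(600)
]


def residuals(rtts, window=8):
    """Difference between each observation and the 'expected' value, modelled here
    (an assumption of this example) as the mean of the previous `window` samples."""
    out = []
    for i in range(window, len(rtts)):
        expected = sum(rtts[i - window:i]) / window
        out.append(rtts[i] - expected)
    return out


def raw_bits(res):
    """Least-significant bit of the rounded residual: the finest-grained and least
    predictable component of the timing measurement."""
    return [int(round(r)) & 1 for r in res]


def von_neumann(bits):
    """Classic debiasing: the pair 01 yields 0, 10 yields 1, 00 and 11 are dropped.
    A constant bias cancels, at the cost of discarding at least half the input."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)
    return out


def monobit_z(bits):
    """Monobit statistic |ones - zeros| / sqrt(n); values beyond ~3 flag a biased stream."""
    n = len(bits)
    if n == 0:
        return 0.0
    return abs(2 * sum(bits) - n) / math.sqrt(n)


def chi_square_uniform(counts):
    """Pearson chi-square of observed category counts against a uniform expectation.
    The larger the value, the more visible the bias (e.g. a loaded die)."""
    total = sum(counts)
    expected = total / len(counts)
    return sum((c - expected) ** 2 / expected for c in counts)


def condition(bits):
    """Hash the debiased bits into a fixed 32-byte output so that any residual
    structure is spread over the whole output rather than sitting in single bits."""
    packed = bytearray()
    for i in range(0, len(bits) - 7, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        packed.append(byte)
    return hashlib.sha256(bytes(packed)).digest()


def extract(rtts, window=8, min_bits=64):
    """Full pipeline. Refuses to emit anything if too few bits survive debiasing
    or if the debiased stream still fails the monobit check."""
    bits = von_neumann(raw_bits(residuals(rtts, window)))
    if len(bits) < min_bits:
        raise ValueError(f"only {len(bits)} debiased bits; need {min_bits}")
    z = monobit_z(bits)
    if z > 3.0:
        raise ValueError(f"monobit z={z:.2f}: source still biased, refusing to emit")
    return condition(bits)


if __name__ == "__main__":
    print("derived seed:", extract(SAMPLE_RTT_US).hex())
    print("fair die chi-square:", chi_square_uniform([100] * 6))
    print("loaded die chi-square:", chi_square_uniform([80, 90, 100, 110, 120, 100]))
```

The refusal paths in `extract` are the practitioner's point: an entropy source that is only assumed to be unpredictable should be measured for bias before its output is used as key material, and a source that fails the check should produce no output rather than a weak key.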
Further features and advantages of the systems and methods disclosed herein, as well as the structure and operation of various aspects of the present disclosure, are described in detail below with reference to the accompanying figures.