Cloudflare introduced a random number generator


Cloudflare recently introduced the League of Entropy service, which is operated by a consortium of organizations interested in providing random numbers.

Unlike existing centralized systems, League of Entropy does not rely on a single source: the random sequence is generated from entropy obtained from multiple unrelated generators controlled by different project participants.

Due to the distributed nature of the project, compromise or falsification of one or two of the sources will not lead to the compromise of the final random number.

Note that the generated random numbers are publicly available sequences, so they cannot be used to generate encryption keys or anywhere else a random number must be kept secret.

The service aims to provide random numbers that cannot be predicted in advance, but after generation these numbers are publicly available, including for checking the accuracy of random values received earlier.

How does League of Entropy work?

Public random numbers are generated every 60 seconds. Each number is associated with its sequence number (round), so a value, once generated, can be retrieved at any time from any participant's server.

These random numbers can be used in distributed systems, cryptocurrencies and blockchains, in which the different nodes need access to a single random number generator (for example, when forming proof of work), as well as for running lotteries and for generating random samples during election audits.

To work with the service and deploy your own nodes, the drand toolkit is offered; it is written in Go and distributed under the MIT license.

Drand runs as a background process that communicates with the external generators participating in the distributed network, which collectively form a combined random value.

The combined value is generated using threshold cryptography and bilinear pairings. The composite random value can be assembled on the user's own system without involving centralized aggregators.
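The threshold step described above, as an added example that is not drand's code and not from the original article: each node publishes a partial value for the round, and anyone can combine any T of them locally into the same output. It swaps drand's pairing-based threshold signatures for exponentiation in a toy prime-order group (so partial values cannot be publicly verified here) and uses a dealer in place of distributed key setup; P, Q, T, N, the sample secret and all function names are assumptions.

```python
import hashlib
from itertools import combinations

# Toy parameters constructed for this example: P = 2Q + 1 is a safe prime,
# so the squares mod P form a subgroup of prime order Q.
P, Q = 2039, 1019
T, N = 3, 5  # assumed threshold: any 3 of 5 nodes can produce the value

def deal_shares(secret, coeffs):
    """Shamir shares f(1..N) of `secret`, f of degree T-1 over Z_Q."""
    poly = [secret] + list(coeffs)
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(poly)) % Q
            for i in range(1, N + 1)}

def hash_to_group(round_no):
    """Map a round number to a non-identity element of the order-Q subgroup."""
    d = int.from_bytes(hashlib.sha256(str(round_no).encode()).digest(), "big")
    return pow(d % (P - 3) + 2, 2, P)

def partial(share, round_no):
    """One node's contribution H(round)^share; the share never leaves the node."""
    return pow(hash_to_group(round_no), share, P)

def combine(partials):
    """Lagrange interpolation at 0 in the exponent; needs at least T partials."""
    acc = 1
    for i, sig in partials.items():
        lam = 1
        for j in partials:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        acc = acc * pow(sig, lam, P) % P
    return acc

def randomness(partials):
    """Hash the combined value into the published random output."""
    return hashlib.sha256(combine(partials).to_bytes(2, "big")).hexdigest()

if __name__ == "__main__":
    shares = deal_shares(secret=777, coeffs=[123, 456])  # constructed values
    parts = {i: partial(s, round_no=42) for i, s in shares.items()}
    for subset in combinations(parts, T):
        print(subset, randomness({i: parts[i] for i in subset}))
```

Every 3-node subset prints the same digest, while fewer than T partials or a single altered partial yields a different value, which is why the real scheme verifies each contribution with pairings before combining.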

Drand can also be used to deliver locally generated private random numbers to clients.

To transmit such a random number, the ECIES encryption scheme is used: the client generates a private and public key pair.

The public key is sent to the drand server. The random number is encrypted with this public key and can only be read by the client that holds the private key.

A proposal to avoid fraud

Currently, five companies and organizations have joined the League of Entropy initiative and have provided access to their entropy generators.

Now, you might think that using a randomization beacon for random generation processes, such as those required for lottery selection, would make the process resistant to adverse manipulation.

Participants included in the project are located in different countries and use different methods to obtain entropy:

Cloudflare, LavaRand: random values are formed on the basis of unpredictable fluid flows in lava lamps, images of which serve as input entropy for a CSPRNG (Cryptographically Secure Pseudo-Random Number Generator);

The University of Chile uses a network of seismic sensors as an entropy source, as well as radio data, Twitter activity, Ethereum blockchain changes, and a DIY hardware RNG.

Kudelski Security, ChaChaRand: provides a CRNG (Cryptographic Random Number Generator) based on the ChaCha20 cipher.

Protocol Labs, Interplanetary Rand: random data is extracted from noise receivers and combined with the Linux PRNG and the pseudo-random number generator built into the CPU.

Currently, independent participants run 8 public API endpoints, through which you can learn the current composite random number.

Source: https://blog.cloudflare.com

