Cloudflare Company service , to ensure the work of which a consortium of several organizations is formed, interested in providing high-quality random numbers. Unlike existing centralized systems, League of Entropy does not rely on a single source and uses entropy to generate a random sequence, from several unrelated generators controlled by different project participants. Due to the distributed nature of the project, compromising or forging one or two of the sources will not compromise the final random number.
It should be noted that the generated random numbers belong to the category of publicly available sequences that cannot be used to generate encryption keys and in areas where the random number must be kept secret. The service is aimed at providing random numbers that cannot be predicted in advance, but after generation, these numbers become publicly available, including for checking the reliability of past random values.
Public random numbers are generated every 60 seconds. Each number is associated with its sequence number (round), by which at any time and from any member server you can get the once generated value. Such random numbers can be used in distributed systems, cryptocurrencies and blockchains, in which different nodes must have access to a single random number generator (for example, when generating proof of work done), as well as when conducting various lotteries and for generating random samples in the process of auditing the passage. elections.
To work with the service and to deploy your own nodes tools , written in Go and licensed under the MIT license. Drand runs as a background process that communicates with external generators participating in the distributed network and collectively generates a summary random value. The summary value is generated using the methods и . The generation of a summary random value can be performed on the user's system without involving centralized aggregators.
Drand can also be used to deliver locally generated private random numbers to clients. To transmit a random number, the ECIES encryption scheme is used, in which the client generates a private and public key. The public key is transmitted to the server from Drand. The random number is encrypted using the given public key and can only be viewed by the client who owns the private key. To access the servers, the drand utility can be used (for example, "drand get public group.toml", where group.toml is a list of nodes to poll) or Web API (for example, you can use "curl https://drand.cloudflare.com /api/public" or accessed from JavaScript using the library ). The request metadata is sent in TOML format, and the response is returned in JSON.
Currently, five companies and organizations have joined the League of Entropy initiative and have provided access to their entropy generators. The participants included in the project are located in different countries and use different methods for obtaining entropy:
- cloudflare, , random values based on unpredictable fluid flows in , whose images are served as input entropy for CSPRNG (Cryptographically Secure PseudoRandom Number Generator);
- EPFL (Federal Polytechnic School of Lausanne), URand,
the regular local generator /dev/urandom is used, which uses keyboard input, mouse movement, traffic flows, etc. as sources of entropy. - University of Chile, , as a source of entropy, a network of seismic sensors is used, as well as data from the radio, activity on Twitter, changes in the Ethereum blockchain and a home-made hardware RNG generator;
- Kudelski Security, ChaChaRand, provides CRNG (Cryptographic Random Number Generator) based on ChaCha20 cipher;
- Protocol Labs, InterplanetaryRand, random data is extracted from noise traps and combined with a Linux PRNG and a CPU built-in pseudo-random number generator.
Currently, independent participants have launched 8 public API access points, through which you can find out both the current summary random number (for example, “curl https://drand.cloudflare.com/api/public”), and determine the value at a certain moment in the past ("curl https://drand.cloudflare.com/api/public?round=1234"):
- https://drand.cloudflare.com:443
- https://random.uchile.cl:8080
- https://drand.cothority.net:7003
- https://drand.kudelskisecurity.com:443
- https://drand.lbarman.ch:443
- https://drand.nikkolasg.xyz:8888
- https://drand.protocol.ai:8080
- https://drand.zerobyte.io:8888
Source: opennet.ru