Verification of Random Number Generators
At 2:20 9/19/95, Eric Young wrote:
Now I had not noticed this, my library runs like a charm and things appear random from the random number generator. This sort of error can only be checked by reading the code and specifically looking at critical routines like this the RNG seeding routines. The advantage of my code being public is that some-one like Mike can have a look and pick up problems like this. The moral of the story I suppose is to be paranoid about checking routines relating to RNG.
Just an idle thought: it might be possible to do a probabalistic verification of a RNG by sampling it over some number of samples, and statistically analyzing the sample space. This would be analysis under the model of "RNG as black box" as opposed to (or rather, if you're smart, in addition to) code inspection & review. Any statisticians among us? Erik Fair
On Tue, 19 Sep 1995 09:04:29 -0700 "Erik E. Fair" wrote: --------
Just an idle thought: it might be possible to do a probabalistic verification of a RNG by sampling it over some number of samples, and statistically analyzing the sample space. This would be analysis under the model of "RNG as black box" as opposed to (or rather, if you're smart, in addition to) code inspection & review. Any statisticians among us?
Erik Fair
But statistical tests of randomness alone do not make a good RNG. At least, not for cryptographic use. A cryptographically secure RNG is also unpredictable, i.e., computationally unfeasible to predict the next random bit will be given the algorithm, and not reliably reproduced, i.e., multiple runs with the exact same input do not generate the same sequence. -Chris =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Christopher Nielsen UCA&L System and Network Administrator Buffalo, New York (nielsenc@upgrade.com) #include <disclaimer.h>
participants (2)
-
Christopher Nielsen -
Erik E. Fair