new idea for random number generation

Steve Kinney admin at pilobilus.net
Thu Aug 3 20:08:01 PDT 2017



On 08/03/2017 02:54 PM, \0xDynamite wrote:
> Speaking of cryptography (harhar), I was contemplating an idea to
> generate random streams of random numbers using chaos theory (not the
> first), specifically the logistic equation [3.5x(1-x)], when I came
> across the argument (http://www.cs.utsa.edu/~wagner/laws/chaos.html)
> that such generators are "pseudo-random", but I don't think that is true.
> 
> The equation is capable of producing an infinite stream of numbers
> that get more random as you continue to use the equation.  The amount
> of true randomness approaches the depth of your word size, but in
> theory you can create an implementation with arbitrary depth (say
> 10000 bits).
> 
> Is this interesting to anyone?

Thing is, the output of an equation that takes one iteration's output as
input for the next round, etc. is 100% deterministic:  The same
equation, with same initial input, produces the same output every time.
Being unable to predict an iterated feedback function's 9 millionth
digit on its 9 millionth iteration by any means other than actually
iterating it 9 million times qualifies the function as "chaotic."

But chaos is not entropy:  Actually running an iterated function does
enable one to reconstruct the output stream perfectly, while in
cryptography "entropy" means completely unpredictable data that cannot
be predicted or reproduced by any means other than recovering a physical
record of the data set in question.

Only physical sources can generate real entropy in this sense:  Decaying
isotopes, noise from a leaky diode, tumbling dice, snapshots of variable
hardware states in a computer (least significant n. digits of CPU
temperature, fan speed, keystroke intervals, etc.) do qualify as
entropy; the Mandelbrot set does not.

This does leave open the possibility of using a true random number (n.
bits of entropy) to seed an iterated function that will "inflate" that
number to any size desired - but no matter how cunning the algorithm,
those n. bits of entropy are all there is, and define the difficulty (or
otherwise) of brute force breaking resulting ciphertexts.

In cryptography, common sense is a major pitfall.  When I first got
interested in modern cryptography, I made the same mistake:  I was quite
sure that the Mandelbrot set would make a super-powerful cryptosystem
possible.  But alas... deterministic functions, however "chaotic" the
output, add no entropy to the initial input.

Math is my weakest subject, so I am indecently proud of having studied
the RSA cipher until I actually understood it well enough to trust it -
20 years ago.  My grand accomplishment was possible because RSA is
surprisingly simple, once presented and explained.  Today:  Don't ask
me, math is my weakest subject.

:o)
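
Added example, not part of the original message or written by either poster: a logistic-map generator seeded with n bits, showing that the same seed reproduces the same stream and that the seed is recoverable by walking all 2^n seeds. The parameter r = 3.99, the 16-bit seed, the warm-up count and the function names are assumptions made for this sketch.

```python
import secrets

R = 3.99         # assumed map parameter, chosen inside the chaotic regime
SEED_BITS = 16   # assumed amount of true entropy available for the seed
WARMUP = 32      # iterations discarded before any output is emitted


def logistic_stream(seed, count, r=R):
    """Inflate a SEED_BITS-bit seed into `count` bytes via x -> r*x*(1-x)."""
    if not 0 <= seed < 2 ** SEED_BITS:
        raise ValueError("seed out of range")
    # Map the seed into (0, 0.5] so that x and 1-x (which give the same
    # next value) are never both valid starting points.
    x = (seed + 1) / 2 ** (SEED_BITS + 1)
    out = bytearray()
    for i in range(WARMUP + count):
        x = r * x * (1.0 - x)
        if i >= WARMUP:
            out.append(int(x * 256))   # x stays below r/4 < 1, so this is 0..255
    return bytes(out)


def recover_seed(observed):
    """Walk the whole seed space and return every seed that reproduces
    `observed`. The cost is at most 2**SEED_BITS trials no matter how long
    the stream is or how wide the internal state x is."""
    n = len(observed)
    return [s for s in range(2 ** SEED_BITS) if logistic_stream(s, n) == observed]


if __name__ == "__main__":
    seed = secrets.randbelow(2 ** SEED_BITS)   # stand-in for a physical entropy source
    stream = logistic_stream(seed, 8)
    print("same seed, same stream:", stream == logistic_stream(seed, 8))
    candidates = recover_seed(stream)
    print("seed", seed, "recovered among", len(candidates), "candidate(s):",
          seed in candidates)
```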








