1995-09-19 - Re: Verification of Random Number Generators

Header Data

From: Christopher Nielsen <nielsenc@upgrade.com>
To: “Erik E. Fair” (Time Keeper) <fair@clock.org>
Message Hash: 9d43227eb067249cf44458a4b5f7993095d3aff8e467460fde9e19243805bc88
Message ID: <199509191817.OAA05143@upgrade.com>
Reply To: <v02110102ac849090d9fe@[17.255.9.110]>
UTC Datetime: 1995-09-19 18:18:41 UTC
Raw Date: Tue, 19 Sep 95 11:18:41 PDT

Raw message

From: Christopher Nielsen <nielsenc@upgrade.com>
Date: Tue, 19 Sep 95 11:18:41 PDT
To: "Erik E. Fair" (Time Keeper) <fair@clock.org>
Subject: Re: Verification of Random Number Generators
In-Reply-To: <v02110102ac849090d9fe@[17.255.9.110]>
Message-ID: <199509191817.OAA05143@upgrade.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995 09:04:29 -0700  
"Erik E. Fair" wrote:
--------
>> 
>> Just an idle thought: it might be possible to do a probabalistic
>> verification of a RNG by sampling it over some number of samples, and
>> statistically analyzing the sample space. This would be analysis under the
>> model of "RNG as black box" as opposed to (or rather, if you're smart, in
>> addition to) code inspection & review. Any statisticians among us?
>> 
>> Erik Fair
>> 

But statistical tests of randomness alone do not make a good RNG.
At least, not for cryptographic use. A cryptographically secure
RNG is also unpredictable, i.e., computationally unfeasible to
predict the next random bit will be given the algorithm, and not
reliably reproduced, i.e., multiple runs with the exact same input
do not generate the same sequence.

-Chris

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Christopher Nielsen                               UCA&L
System and Network Administrator                  Buffalo, New York
(nielsenc@upgrade.com)                            #include <disclaimer.h>





Thread