Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Random Randomness

Posted by timothy on from the pudding-is-like-yogurt dept.

jfleck writes "According to the American Institute of Physics' Physics News Update, Kent State physicist James Gleeson has developed a technique for generating numbers approaching true randomness. His trick is to shine light through a liquid crystal, taking advantage of its turbulence and avoiding the inevitable risk of predictability in deterministic random number number algorithms."

43 of 80 comments (clear)

  1. but but... by Anonymous Coward · · Score: 2, Funny

    wouldnt avoiding predictability be a bit predictable?

  2. silly by tps12 · · Score: 3, Insightful

    So it's a crystal and a light...a mechanical solution, in other words. Someone tell me how this is different from flipping a coin? True randomness has always been available in the physical world (hence the allure of horse racing). It's only in mathematics, and therefore computing science, that randomness cannot be achieved. And small though this "solution" may be, it doesn't quite count as an algorithm.

    --

    Karma: Good (despite my invention of the Karma: sig)
    1. Re:silly by photon317 · · Score: 3, Insightful


      I agree, but he may be onto something in that his solution may be easier than most to cheaply embed in low end computer hardware.

      Although I seem to remember hearing a long time ago how someone had built a circuit (which I presume could be put easily on an expansion card) that obtained entropy from the small (mostly temperature-fluctuation-induced) changes in capacitance and resistance on some standard crappy-grade capacitors and resistors in a simple circuit. While your case's overall temp might be a bit predictable to a tenth of a degree, I think this was supposed to be sensitive to the very small seemingly random fluctuations of a much smaller degree.

      --
      11*43+456^2
    2. Re:silly by GMontag451 · · Score: 3, Informative
      There are two different meanings of the phrase "random number". One is the coin-flipping variety, where any number within the range is possible, but is only as likely as every other number in the range. AFAICT, this isn't the kind of random numbers the article is talking about.

      The other kind of random number is a number that is entirely entropy. In other words, an uncompressible number. This type of number is extremely hard to generate, and by definition, cannot be generated by an algorithm shorter than the number because this would be a form of compression.

    3. Re:silly by flonker · · Score: 3, Insightful

      If your random number generator is incapable of generating a string of 256 0's in a row, there is something wrong with it.

      True randomness is defined by the fact that knowing all of the previous results gives you zero knowledge of the next result. Being difficult to compress is often a side effect of this, but is not a defining characteristic.

    4. Re:silly by GMontag451 · · Score: 3, Informative
      If your random number generator is incapable of generating a string of 256 0's in a row, there is something wrong with it.

      That is true for the first kind of random number generator that I talked about, not for the second kind.

      Maybe I can describe what I'm talking about better. There are two different types of random number generators. One kind is a generator that randomly produces numbers, which is what you are talking about. The other kind produces *random numbers*, which is something completely different. It is the difference between the generator being random, or the number itself being random no matter how it is generated.

      Randomly produced numbers are equidistributed along the range of the generator, usually from 0 to 1. Random numbers are numbers that are impossible to compress. A number is random no matter what the next result is, but is only randomly produced with respect to the numbers produced before and after it with the same algorithm.

    5. Re:silly by GMontag451 · · Score: 2
      It qualifies as an algorithm as it's a simple piece of hardware that could be put on a card.

      I don't think you know what an algorithm is. This fails the first qualification of being an algorithm, namely that it is computable on all universal turing machines.

    6. Re:silly by flonker · · Score: 2

      This doesn't make sense to me. Here's an algo optimized for storing random numbers according to your definition. Basically, it compresses based on the premise that not all numbers are random, and a number can be tested as being random or not.

      Assuming your definition of random numbers
      Assume not all numbers are random.

      a = 0
      for n = 0 to 2^32
      If n is a random number, then
      store n as a
      a = a + 1

    7. Re:silly by soegoe · · Score: 2, Interesting
      it doesn't quite count as an algorithm.

      Well, designing an algorithm for true randomness is impossible. An algorithm, by definition, must be deterministic, which means that if it doesn't take external input, it's not truly random (because either it will generate the same numbers over and over again or a series of pseudo-random numbers). If it takes external input, on the other hand, this must come from somewhere. You can't take another algorithm (see recursion), so it has to be something mechanical. QED.

    8. Re:silly by GMontag451 · · Score: 2

      The problem with that is any test that can determine wether or not a number of n bits is random must be longer than n bits. So you haven't really compressed anything, just moved the size to the decoder.

    9. Re:silly by chris_mahan · · Score: 2, Interesting

      why, from SETI research signal, of course.

      You know, true randomness does not happen, in theory. If we had perfect knowledge of all subatomic particles since the universe began then we would be able to predict anything. So, in theory, everything, including randomness, can be fully determined. Yet the likelihood of this happening in our lifetime is slim to none.

      Likewise, can you tell, at any one time, how many hits the word "baka" is going to return on the internet in a google search? (by the way, about 363,000 as of 9/19/2002)
      What are the chances that someone, anyone, could replicate the same results exactly in 3 months time? Slim to none.
      I don't think anyone, ever, could pull that off, not even google.
      So while, yes, in theory it is possible, the odds are slim to none.

      --

      "Piter, too, is dead."

    10. Re:silly by flonker · · Score: 2

      Have you got a reference? This definition of random does not seem right.

      (Assuming your definition),
      Assuming there is no upper bound on random numbers,
      Then any generalized test on whether a number is random takes an infinite number of bits.
      Therefore any generalized test on whether a number is random is impossible. QED.

      Then, going back to your first premise that they produced these random numbers using this system, how did they know?

      Also, in my prior algo, you can change the test from "is the number random" to "is the number not provably non-random". Namely, testing the number with some compression schemes designed to fit in a small number of bits.

    11. Re:silly by GMontag451 · · Score: 2
      Have you got a reference? This definition of random does not seem right.

      http://db.uwaterloo.ca/~alopez-o/comp-faq/faq.html

      Scroll down to section four where it talks about Kolmogorov complexity.

      Then, going back to your first premise that they produced these random numbers using this system, how did they know?

      Just because a generalized test is impossible doesn't mean a specific one is. All you have to do is limit the number bitlength and it's easy to make a randomness tester.

    12. Re:silly by flonker · · Score: 2

      Thanks for the reference.

      I still find it extremely hard to believe that any nontrivial sequence of bits can be incompressible. (nontrivial because individual bits can't be compressed.) But I'm going to do some research.

    13. Re:silly by flonker · · Score: 2

      Urm, forgot to say, I am aware of the "compress everything down to 1 bit" fallacy. But...

      Anyway, I'll reserve further comment until after I read about everything a bit more.

    14. Re:silly by j-beda · · Score: 2
      You know, true randomness does not happen, in theory. If we had perfect knowledge of all subatomic particles since the universe began then we would be able to predict anything. So, in theory, everything, including randomness, can be fully determined. Yet the likelihood of this happening in our lifetime is slim to none.

      Actually, the current "best theory" of physics is all based on quantum ideas that incoroprate true randomness. If you had perfect knowledge of all subatiomc particles that still would not allow you to predict much, because all of the quantum effects are probabilistic.

      Most "true" random generators that I know of do something like take a hunk of radioactive material and measure the decay events. Each event is theoretically random, though conformin to a known statistical range.

  3. Coin flipping by cpeterso · · Score: 2, Funny


    I'm going to build a hardware random number generator which contains an actual coin. Sure, I/O waiting for the device to flip the coin is slow, but the numbers are truly random.

    --
    cpeterso
  4. C=64 by Atzanteol · · Score: 2, Interesting

    Didn't the Commodore have a 'true random number generator' that used white noise from the sound card?

    --
    "Ignorance more frequently begets confidence than does knowledge"

    - Charles Darwin
    1. Re:C=64 by sql*kitten · · Score: 2

      Didn't the Commodore have a 'true random number generator' that used white noise from the sound card?

      The Entropy Gathering Daemon similarly sources randomness from your hardware's interaction with the outside world.

    2. Re:C=64 by Tablizer · · Score: 2

      Didn't the Commodore have a 'true random number generator' that used white noise from the sound card?

      So *that* is how the salesman moved the models with burnt out-chips. Clever sweat-talkin' devils they are.

      --
      Table-ized A.I.
    3. Re:C=64 by CTalkobt · · Score: 2

      I believe the C-64 noise on voice 3 was from a R/C circuit imbedded in the SID (sound) chip. It was good for low-level randomness ( 8 bit ) but not for more than that.

      The random number generator in BASIC was fairly crude - I believe mantissa/exponent based but am too lazy right not and not enough space in the margins to go look it up and post it.

      The most commen way to get sorta ok random numbers was to use the second timer as a basis to seed the random number generator.

      Either that or :
      while( peek(198) == 0 )
      i = i + 1
      ( it might be peek(198) == 64 ... )

      --
      There's a gorilla from Manilla whose a fella that stinks of vanilla and has salmonella.
  5. Why not Tea? by Anonymous Coward · · Score: 3, Funny
    I though the best way to get true random numbers was from watching brownian movement it a cup of tea.

    Anonymous only to avoid "-1 Redundant", I seem to get those when people miss the joke.

  6. And how is that any better than... by SIGFPE · · Score: 2

    ...LAVARAND?

    --
    -- SIGFPE
  7. in moderation by flux4 · · Score: 4, Funny

    Could this technology be used to moderate slashdot posts, in a manner even more astonishingly random than before?

    I mean, it's obviously in use in story-submission already. May as well be efficient.

    1. Re:in moderation by Plutor · · Score: 2

      irony /'I-r&-nE/. noun.
      1: incongruity between the actual result of a sequence of events and the normal or expected result
      2: an event or result marked by such incongruity
      3: a comment on Slashdot about the inefficiency and futility of comment moderation that is moderated to (Score: 4, Funny)

  8. The big deal is... by lynx_user_abroad · · Score: 5, Insightful
    the bandwidth.

    It's fairly easy to generate truly random numbers in small quantities, but getting a sizable quantity of cryptographically true, cryptographically secure, cryptographically random numbers has always been a bit difficult. You almost have to do it in hardware, and you almost have to use something which is both isolated from external interference (so others can't load your dice) and doesn't bleed its information externally (so you can be sure you are the only one who knows the number). The first requirement rules out most things which rely on the external environment for input (like EM radiation). Add to this a third requirement for lots of randomness, (which rules out things like thermal junctions, or number of NT bluescreens per day) and a simple problem becomes hard.

    Remember, in this context the common definition of "random" meaning "I don't understand how it works" doesn't cut it. You need true "completely unpredictable by anyone" randomness for many security applications.

    --

    The thing about things we don't know is we often don't know we don't know them.

    1. Re:The big deal is... by rthille · · Score: 3, Funny

      > requirement for lots of randomness, (which rules out things like [...], or number of NT bluescreens per day)

      Hey, we're looking at Randomness, not infinities here!

      --
      Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
    2. Re:The big deal is... by p3d0 · · Score: 2

      What about hooking up a geiger counter to your smoke detector. That would be quantum-level unpredictability.

      --
      Patrick Doyle
      I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
  9. Lava Lamp method? by jsimon12 · · Score: 2

    Didn't someone do a similar thing with a lava lamp and a webcam type setup a year ago?

    1. Re:Lava Lamp method? by chongo · · Score: 2
      Yes we did use Lava Lite (r) lamps to generate random numbers by the cryptographic hash of the digitization of chaotic data back in 1996.

      Today using a new method we call lavarnd (instead of lavarand with 3 a's) that uses the thermal noise from digitial cameras. While they were cool the new method is smaller and does not use the lamps, only a small USB based digitial camera. Our new, patent free method can generate about 100 Kbits/sec off of a Logitech QuickCam 3000 Pro USB camera on a Linux system with ~1GHz CPU.

      We hope to have the full site, complete with Open Source code and CGI demos (old and new) ready by Nov 2002.

      --
      chongo (was here) /\oo/\
  10. Re:Isn't this kind of a "no duh" by lommer · · Score: 2, Informative

    the only problem is that most of your variables won't change in matters of seconds, so theoretically the same number would come up a lot of times in a very short period of time.

    If you use a LOT of variables you approach a good version of randomness, but if someone knows the input data to your system (e.g. by taking separate measurements for themselves) and your algorithim, they can predict your number with 100% accuracy, which is bad in the crypto-security world.

  11. Hidden variables by MarkusQ · · Score: 3, Insightful

    This randomness is distinguishable from so-called "hidden variable" interpretations.

    Not quite. There's a hidden flaw in the argument against hidden variables; the "proof" subtily begs the question. To see this, imagine that there were a level of "hidden variables" complex enough that each quanta (quark, lepton, what have you) could have as much "state" as the entire universe as-we-know it. With such a system you could predetermine every "interaction" over the course of the whole history of the universe--there wouldn't be any "physics," just a mind bendingly huge collection of scripted motions.

    The point being, there's no way we could detect that this was the case...and thus there's know way we can prove that it isn't the case.

    Now, we are free to doubt that we live in such a universe (and believe in "truly random events") but this is just a belief, without any science to back it up.

    -- MarkusQ

    1. Re:Hidden variables by MarkusQ · · Score: 2

      I think you are missing the point. People (yourself included) act as if Bell's inequality ruled out all hidden variable theories--in the sense that it allows us to make testable predictions and the results of testing these predictions are inconsistant with the hidden variable theories. But it only rules out a rather small subset of the possible hidden variable theories and there are many others (such as the extreme case I described) that it does not rule out.

      An analogy to show the flaw in the reasoning:

      Albert: I think there may be someone hiding in the closet.

      Bell: Like who?

      Albert: I don't know. Henri maybe?

      Bell: Well let's see...I know that Henri loves "knock-knock" jokes. Nine times out of ten, he bites if you give him the line.

      Albert: Let's try it. Goes to the closet, says "knock, knock" and waits.

      They repeat this many, many times; no one ever answers "who's there?".

      Are they justified in concluding that there is no one in the closet? Obviously not. Does this mean that there is someone in the closet? Again, obviously not. The line of reasoning they are using is not sufficent to answer the general question.

      IMHO, invoking a universe's worth of hidden state per particle just because you don't like the idea of a random universe isn't much less silly than that.

      I don't recall saying that I believed in one model or another, or that I liked or disliked the idea of a random universe, or that it mattered one way or another what I liked or believed. I'm just objecting to saying that a class of theories has been "ruled out" by an argument that only addresses a small subset of the class.

      -- MarkusQ

  12. Randomness using TCP/IP by MacroRex · · Score: 2, Interesting

    Or ICMP, actually. Some time ago when I needed a relatively small amount (a megabyte or so) of random numbers I thought to check how random the time between sending and receiving a ICMP echo request was. Liking to tinker with this kind of things I wrote a quick-and-dirty program to collect the data.

    Turned out that if the destination host was distant enough (at least a couple of hops) and only a few most insignificant bits of the number of microseconds elapsed between the request and reply was used, the method would yield a fairly random sequence of bits. In fact, I tested the randomness of the sequence with a couple different methods and got positive results from all of them.

    Of course, the technique is completely impractical for generating any significant amount of random numbers, and there probably are ways to embed order into the results if you are part of the network used to relay the requests, but nonetheless I successfully used the sequence in a (one-time) commercial application.

    1. Re:Randomness using TCP/IP by purduephotog · · Score: 2

      Thats funny, I discovered this commercial app that used something similiar to it. Fortunately I recognized that a truly distant host allowed me to guestimate what the numbers would be.... and I successfully reverse engineered the software.

      Good news, credit card numbers and company secrets were soon mine!

  13. Problem with this method by Eagle5596 · · Score: 3, Interesting

    The primary problem with this method is that it is implemented in hardware, which produces quite a few problems.

    1) No known seed. One of the primary characteristics of a good random number generator is that the results are reproduceable. If I want to run the same experiment twice during some sort of simulation, I need to be able to generate the same stream of random numbers twice. Second it is always useful to have a random number generator with a [very large] full period, this obviously is not periodic, which makes it hard to determine if the system which is using the variate generation is chaotic or stable.

    2) Hardware random number generators are often difficult to port to all systems, and to interface with existing programming languages. A good solid pseudo-random number generator (like a Lehmer one) is based on a mathematical algorithm which is reproducable in just about any environment.

    There are many other problems with this approach as well, too numerous to name. In general hardware random number generators are a bad idea.

  14. Another source of randomness by jeff4747 · · Score: 2, Informative

    Random.org

    They generate random numbers based on hardware, using the decay of radioactive elements.

    Yeah, still hardware, but you're never going to get truly random in software. Something has to put in a bit of chaos into the system that you just don't get in a computer. Otherwise they'd just crash all the time.....wait a minute! Windows must have some super-secret random number technology!

  15. What are they used for. by jefu · · Score: 2, Insightful


    There's a major difference between a sequence of pseudo-random numbers (as you describe) and a sequence true random numbers (leaving aside completely any proper definition of what is random).

    Simply enough, it is what they are used for - in many computer applications (simulation, pysol, and the like) pseudo-random numbers are great - given the same seed they're reproducable, they have the right statistical properties - but they may be very predictable, - in cryptography building a perfect one time pad requires true randomness - and a pseudo random number sequence is not even close to working.

    Random numbers are actually a very tough subject, with odd and wonderful oddnesses and wonderfulnesses. Start with Knuth (Chapter 3) (a reasonable introduction to pseudo-random numbers and go on from there (there's easily a lifetime or three of stuff on the topic).

    "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." John Von Neumann

  16. Re:Here's a true randomness algorithm by sdjunky · · Score: 3, Insightful

    The problem with this is that if you have an idea of the algorithm used you can run through a subset of numbers and then find your seed value.

    e.g. if I know your app is pulling from time of day and my log entries show that it was at 9:55 AM Then I can run a range of all time values between say 9:50 and 10:00 including MS. In so doing you are tying your random number to a known thing which defeats the purpose.

    A truly random number would be one that can't be determined by outside factors ( especially time )

  17. Randomness is Not All That Random by jefu · · Score: 3, Interesting

    Randomness is a very complex subject with lots of odd facets. The article cited at the top of this topic may be a good way to generate more or less "true" random sequences (17 is, of course, the Only Random Number).

    Random sequences based on quantum (or similar effects) are useful primarily in cryptography where "true" randomness is important. Probably in video gambling devices as well (is there any good way to tell how they generate randomness).

    Random sequences based on deterministic generators are useful for lots of other things: simulation, pysol (including freecell), and a number of algorithms. These are not useless by any means and while they need to satisfy some fairly stringent statistical properties, they can be generated by well defined algorithms starting with seeds which may be reused.

    Randomness, its uses, implications, theory and even philosophy is a massive subject - probably more than a single lifetime's worth.

    In fact, its hard to even describe what randomness actually is and how you can tell is something is random.

    For starters try Knuth Chapter 3, go on to Greg Chaitin's work, and cryptography. Then continue with the appropriate bits and pieces of quantum physics and then go back and fill in all the holes. (Don't neglect using cryptographic algorithms to generate random numbers - as well as their uses the other way around, the digits of Pi, the Riemann Zeta function and, well, a lot else) You'll have lots of fun and push your brain quite a bit.

  18. What happens by phorm · · Score: 2

    When there's no natural source of light? Or does this work on non-natural sources. These might be a bit more predicable.

    No dark labs for THESE randomizing circuits - phorm

  19. Intel True Random Number Geneator by hthalljr · · Score: 2, Informative

    You probably have a TRNG right on your desktop. Intel has incorporated a true hardware random number generator (TRNG) in Pentium III and Celeron chips. It's based on the quantum-mechanically random Johnson noise across an undriven resistor. Two resistors are used to eliminate any external effects. Here's a good explanation from Cryptography Research, Inc.: ftp://download.intel.com/design/security/rng/CRIwp .pdf Here's Intel's TRNG page: http://www.intel.com/design/security/rng/rnghow.ht m RSA believes in it: ftp://download.intel.com/design/security/rng/RSA_B SAFE.pdf

  20. Or... by popmaker · · Score: 2, Funny

    Of course we could just get a butterfly to flap it's wings a couple of times inside the computer. That oughta do it. :)