Slashdot Mirror
New Method for Random Number Generation Developed
Science Daily is reporting that a German team has developed a new method of random number generation that they hope will improve security. "The German team has now developed a true random number generator that uses an extra layer of randomness by making a computer memory element, a flip-flop, twitch randomly between its two states 1 or 0. Immediately prior to the switch, the flip-flop is in a 'metastable state' where its behavior cannot be predicted. At the end of the metastable state, the contents of the memory are purely random. The researchers' experiments with an array of flip-flop units show that for small arrays the extra layer makes the random number almost twenty times more 'random' than conventional methods."
I'd say based on the fact that all your characters were lower case, and the overwhelming proportion of characters to digits, there are significantly fewer bits of entropy in your so-called random comment than you would have us believe.
Ze Atomic Device! It iz Ztolen!
the generation of random number is too important to be left to chance.
Your grandmother can generate non-alphanumeric random characters?
Man, no wonder you're here.
Lets play a game, what XKCD am I thinking of?
always been one of my favorites... http://xkcd.org/221/
So your suggestion is to generate a random with a random? How do you get the random slashdot thread?
TFA fails to state whether they used existing memory types or if they intend to use a custom piece of hardware on board.
From TFA:
The team adds that the efforts of a cracker attempting to influence the array will be wholly obvious to a simple statistical analysis as -- depending on the type of attack -- either the whole array or single elements will be disturbed, whereas these are again selected randomly. So this true random number generator can protect systems against third-party snooping, potentially making private and sensitive transactions on the Internet more secure.
Now I'm really skeptical. A cracker who is able to "influence" the array might be able to influence it with a pseudorandom number generator that he/she can predict.
I think that hardware based RNGs, such as those detecting radioactive isotope decay, have been around for a while. I'm not sure how this one can provide more security, especially if the attacker has access to the hardware. I think that most gate transition thresholds can be influence by simple things like temperature anyway.
What exactly does "more random" mean in the summary? I think something is either random or it isn't. Perhaps this claim should just make us "more skeptical".
The set of all random numbers does not exclude "non-random-looking" numbers. I just cherry-picked one for you.
I always thought the WiFi radio in laptops would be a good thing for generating random numbers.
While this new technique may improve security, it seems to lack one important property of pseudo-random numbers that is required by many applications: reproducibility.
Good luck finding the bug in your program with a stream of randoms you'll never be able to reconstruct again.
He's here because his grandmother can generate babies.
Still? Damn, my mother can't even do that anymore. I don't even want to think about my 87 year old grandmother giving it a try.
"I opened my eyes, and everything went dark again"
There is no way they can prove that these flip flops don't have bias one way or the other. Even if you could design a perfect circuit it would be subject to the imbalances between p-type and n-type transistors and process variations. This makes it impossible to create a perfect Gaussian metastability function or to place a device at the apex of that function such that the probability is 50/50 of switching to 1 or 0. Hence, you will not achieve truly random results. Metastability is also affected by the power supply voltage and current. A cryptographic device employing this technique could be subject to attack by lowering or modulating the power supply in such a way as to create predictable "random" numbers. i.e. make sure all the flip-flops transition to 1 or 0.
I am becoming gerund, destroyer of verbs.
Question: why not simply use the random crap we all have on our PCs to generate random numbers? Say...choose 5 folders at random on a PC. You could use size limits to narrow the search..say between 500Mb and 2Gb. Then make a hash based on those five folders, something like file sizes or time stamps or a combination of the two, wouldn't that be pretty damned random?
Now maybe I'm understanding it wrong, certainly not a crypto expert by any stretch, but surely nobody has the exact combination of downloads+pictures+music+temp+docs that I do, and that data should be able to be mixed in plenty of ways to generate random numbers, yes? And by choosing random folders based on size instead of just choosing defaults you shouldn't run into the "everyone has the same" problem like the default contents of my music or my pictures, so am I missing something?
What you're describing sounds more like something that could be the "seed" for the random number generator - which would then still use an algorithm to generate the "random" numbers (since they're using an algorithm, they'd still just be pseudo-random).
Track your TV Shows with your iPhone - FREE
You bring this up as a humor point, but it can be a small problem, I think, when "non-random" sequences are removed from possible random number generations. For example, if a 4-digit pre-generated PIN is not allowed to use certain sequence types such as sequential, all the same, paired pairs, etc., it may take a fair slice out of the available keyspace (not sure that's the right word, but it's close enough), at least enough to narrow down the ambiguity in case some hints about the PIN are known by an attacker.
It's less of a problem with longer passwords, as the maximum entropy for a given entry expands while patterns take smaller bites out the available space, but it does reduce the possible entropy slightly.
It also reminds me of a Dilbert strip where he visits the accounting trolls, and they take him to their random number generator, which is another troll saying, "9... 9... 9... 9..." Dilbert asks if it's really random, and the first troll says, "That's the problem with randomness: you never really know."
You can never go home again... but I guess you can shop there.
So your suggestion is to generate a random with a random? How do you get the random slashdot thread?
From the previous random, duh!
Track your TV Shows with your iPhone - FREE
Actually Bruce only has a 50% chance of getting the answer in 0.019 seconds. Chuck Norris however just hits the researcher with a round house so hard that his grandmother spits out the answer, 100% of the time.
"I opened my eyes, and everything went dark again"
Here is a slightly-absurd-but-awesomme dice rolling machine.
For those of us whose systems block the Wayback machine as an anonymizer, you might try http://dilbert.com/2001-10-25/ instead. (They started putting pretty much all of the old Dilberts online a few months ago.)
You can never go home again... but I guess you can shop there.
That's one problem it won't have, since the initial condition is at the balance point of P vs. N. The bias would show up in the curvature of the gain function around the bias point. It's not a large bias, and it's likely to vary from one device to the next -- so the prudent designer would have to correct for each bit's history. Still, thermal noise is easier to work with than radioactive decay.
Lacking <sarcasm> tags,
Humans tend to define 'random' as being evenly distributed, to the point that if you ask a group of twenty people or so to space themselves randomly around a room, they will end up the same distance away from each other. It's probably more likely for the elements in a true random sequence to be similar to each other than for them to be evenly divided.
Funny may not give karma, but +5 Informative never made anyone snort coffee out their nose.
http://en.wikipedia.org/wiki/Entropy_(information_theory)
"Prefiero morir de pie que vivir siempre arrodillado!"
"Say...choose 5 folders at random on a PC" And how exactly do you propose we choose those folders randomly?
The only problem with the cat was they have 9 lives. No wonder we always kept getting live cats when we opened the box.
Seven puppies were harmed during the making of this post.
It's random folders all the way down.
If all else fails, immortality can always be assured by spectacular error.
http://pv.fernuni-hagen.de/docs/fechnerb_attack.pdf
Wer mit Ungeheuern kämpft, mag zusehn, dass er nicht dabei zum Ungeheuer wird. --Nietzsche
Obilgatory TheDailyWTF
Question: why not simply use the random crap we all have on our PCs to generate random numbers? Say...choose 5 folders at random on a PC.
To understand recursion one must first understand recursion.
"Always forgive your enemies; nothing annoys them so much." - Oscar Wilde
If it's "purely" random (as they put it), then how can you measure the difference between it and a "conventional" method? Wouldn't comparing a pseudo random source to "true" randomness be like comparing a finite number to infinity? In that you "know" it's more random, but it's impossible to quantify with a finite value (the twenty times qualifier)?
If a man isn't willing to take some risk for his opinions, either his opinions are no good or he's no good
Randomness is all about perception, i think.
The roll of a die is random (enough) for gaming because most people can't control their hand and the environment with enough precision to control/predict the outcome. In reality, the outcome is completely causal. The starting orientation of the die, the bounciness of the die, the sharpness of the edges, the velocity imparted by the hand, the hardness and friction of the rolling surface determine what the roll will be. With enough control over those inputs the roll would cease to *appear* random.
Record a die roll on a high-speed camera. As the decelerates the outcome of the die will be easier and easier to predict. The 1 and the 2 will be on the top at the last 1/10th of a second, in the last 1/100th of a second it will become crystal clear that it's going to roll a 1.
The apparent randomness of weather is decreasing over time, not be because weather has changed it's behaviour, but because we have more and more information about it. We learned that this mountain diverts the wet air from the south and now we have a doppler radar with twice the resolution of the last generation.
Ages ago i came up with a probability funnel/cone drawing that shows this. Draw a square, draw a funnel/cone shape that is closed at one end and all the way open at the other. Held with the opening to the right you see the range of possibilities growing over time. This is like trying to predict the weather further and further out. Rotate the paper 180 degrees and it shows your attempts to predict todays weather over the course of last week. By Monday you have a much better idea than you did last Tuesday.
Another way to think of it is: a car driving full speed on the salt flats. We know it's speed is fixed at 100 MPH. We are trying to predict where it will be in 1 minute. The car can only turn so much without tumbling to the driver's death. Therefore we can draw a cone of possibilities of X degrees per second in each direction. The car can go left and right at the drivers whim, but there is a bounded area showing where he can go in the time allowed. When crosses the line where he can start turning the possible end locations are many. But with each passing second it will become clearer where he'll be at the end. Where he ends up is random insofar as we don't know what he's going to do (straight, zig zag, hard left). He might have a plan, or he might wing it. In any case, the final location is *caused* by his turning the wheel.
Randomness of macro (not quantum) objects behavior isn't magical. It's just a reflection of our ignorance and lack of control over circumstances. Your bumping into an ex at the coffee shop is not random (or destiny). Each of you chose to go there at the same time. An outsider watching both of you would see it unfold as a series of choices. Hamlet shows a chaotic situation caused by independent agents making choices. Polonius decides to hide. Hamlet decides to stab the figure behind the curtain (but wasn't trying to stab Polonius).
So, in a way, randomness is dramatic irony. Sometimes you are the actor, bumbling about your plan colliding into other plans. Sometimes you're the audient seeing it all unfold. Without perception (an audience) there's no randomness... just events unfolding.
Utilizing the synergization of benchmark e-solutions to pre-workaround action items!
Actually, I've heard on the radio that some researchers (didn't catch their names) have recently demonstrated that the probability of the coin landing with in the same orientation it started with is slightly higher than the probability of landing the other way. And you can train yourself to influence the probability. So 50/50 ... probably close, but not necessarily, and definitely not for every coin and every person.
Please correct me if I got my facts wrong.
Indeed. I listened to a podcast a while back in which Robert Krulwich (RadioLab?) discussed randomness with a researcher and how we think about randomness.
A scientist he interviewed stated that she assigned tasks to several different teams. For one team, she instructed them to flip a coin some fixed number of times (perhaps 100) and to then report the sequence of heads and tails (H H T H T T H T T T etc). For the second team, she instructed them to NOT flip a coin, but to simply write down a sequence that they think might be produced by the flipping of the coin. The teams each present their report, and she is not told which list was generated by which means.
However, she said it was easy to spot the "human" generated list, because it rarely contained a sequence of more than a few sequential entries of H H H H, for example. Whereas the truly random list might have even up to NINE sequential heads or tails. The average human just couldn't fathom such a "random" sequence [mathematicians excluded, naturally].
I only post comments when someone on the internet is wrong.
How about this as random?
Sr5&8w796Z6W9mVVM7HAuv43Yg8D523QwTf25646@SEKKEP3#m2t3f@2ap95295437852^5262S*qMK#b&B#^aXbxNfRQudSCz9P
Sort of looks like there are groups of character-types, but I guess it could be random.
Actually anything could be random, because by its very nature a random process can create anything, including "Sort of looks like there are groups of character-types, but I guess it could be random."
However, it's still much more likely that you intentionally wrote that sentence, that that it just happened to be generated by a random process.
The Tao of math: The numbers you can count are not the real numbers.
Radiolab, yes. Episode called Stochasticity.
grammar-lesson free since 1999. (rescinded - 2005)
TFA gives an example "Such simulations can test theories of hurricane formation, climate change, and the spread of disease epidemics, for instance." Which required repeatable random numbers.
For cryptography its fine though.
[Intentionally left blank]
Would you prefer tits or GTFO?
I'd prefer tits.
Bow-ties are cool.
Keep in mind that it's possible for a 15-year-old to be a mother, 30-year-old to be a grandmother and a great grandmother at 45.
And since there are women who have given birth at 60, you could technically be a great great grandmother at 60 AND have a kid who is younger.
Tacky, perhaps, but from a biological perspective you've certainly been successful.
I do this as a teaching exercise in my intro stats class: give the instructions; split into two teams; leave; and come back in when a student knocks on the door. You can spot the difference almost immediately, with a sequence of about 50 "tosses".
It also shows them that absence of evidence is not evidence of absence. Usually, both of the teams gets approximately 50/50 distribution of H/T (within the margin of statistical significance), so this test is shown inadequate. However, once you write down the run-lengths (i.e., HHTHHHHHTTT -> 2,1,5,3) for each sequence, it's totally obvious to everyone (and can also be formalized by comparing it to a sequence of independent negative-binomial draws).
Note, it's important to split the people into teams. This way, even if one clever/knowledgable person tries to introduce long runs, the rest of the team will shout him/her down. :)
"They were pure niggers." – Noam Chomsky
2 to the 9'th is 256, so most random sequences would not have had 9 sequential results in a row.
In a world where 2^9 = 256, absolutely anything can happen.