[39467] in Cypherpunks
Re: Verification of Random Number Generators
daemon@ATHENA.MIT.EDU (Christopher Nielsen)
Tue Sep 19 14:23:08 1995
To: "Erik E. Fair" (Time Keeper) <fair@clock.org>
Cc: cypherpunks@toad.com
In-Reply-To: Your message of "Tue, 19 Sep 1995 09:04:29 EDT."
<v02110102ac849090d9fe@[17.255.9.110]>
Date: Tue, 19 Sep 1995 14:17:26 -0400
From: Christopher Nielsen <nielsenc@upgrade.com>
On Tue, 19 Sep 1995 09:04:29 -0700
"Erik E. Fair" wrote:
--------
>>
>> Just an idle thought: it might be possible to do a probabalistic
>> verification of a RNG by sampling it over some number of samples, and
>> statistically analyzing the sample space. This would be analysis under the
>> model of "RNG as black box" as opposed to (or rather, if you're smart, in
>> addition to) code inspection & review. Any statisticians among us?
>>
>> Erik Fair
>>
But statistical tests of randomness alone do not make a good RNG.
At least, not for cryptographic use. A cryptographically secure
RNG is also unpredictable, i.e., computationally unfeasible to
predict the next random bit will be given the algorithm, and not
reliably reproduced, i.e., multiple runs with the exact same input
do not generate the same sequence.
-Chris
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Christopher Nielsen UCA&L
System and Network Administrator Buffalo, New York
(nielsenc@upgrade.com) #include <disclaimer.h>
