Scribd
Upload
7 views

Randomnumbers

Random numbers curs

Uploaded by

george basalic
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
7 views

Randomnumbers

Random numbers curs

Uploaded by

george basalic
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 26

Generating Random and

Pseudorandom Numbers

Michael Goodrich
CS 165

Some slides from CS 15-853:Algorithms in the Real World,


Carnegie Mellon University
Random Numbers in the Real World

https://fitforrandomness.files.wordpress.com/2010/11/dilbert-does-randomness.jpg

https://xkcd.com/221/ Page2
Random number sequence definitions
Randomness of a sequence is the
Kolmogorov complexity of the
sequence (size of smallest Turing
machine that generates the
sequence) – infinite sequence should
require infinite size Turing machine.

This definition is useful for proving


computational complexity results,
but it is not as useful for algorithm Andrey Kolmogorov
experiments.

Page3
Random number sequence definitions
Each element is chosen independently
from a probability distribution
[Donald Knuth].

This definition is more usable for


algorithm experiments.

A typical distribution is the uniform


distribution, where every number in
a range of numbers is equally likely.
Donald Knuth

Page4
Environmental Sources of Randomness
Radioactive decay http://www.fourmilab.ch/hotbits/

Radio frequency noise http://www.random.org

Noise generated by a resistor or diode.

– Canada http://www.tundra.com/ (find the data encryption


section, then look under RBG1210. My device is an NM810 which
is 2?8? RBG1210s on a PC card)
– Colorado http://www.comscire.com/
– Holland http://valley.interact.nl/av/com/orion/home.html
– Sweden http://www.protego.se

Inter-keyboard timings (watch out for buffering)

Inter-interrupt timings (for some interrupts)

Page5
Combining Sources of Randomness
Suppose r1, r2, …, rk are random numbers from
different sources. E.g.,

r1 = from JPEG file


r2 = sample of hip-hop music on radio
r3 = clock on computer

b = r1 Å r2 Å … Å rk

If any one of r1, r2, …, rk is truly random, then so is b.

Page6
Skew Correction
Von Neumann’s algorithm – converts biased random
bits to unbiased random bits:

Collect two random bits.

Discard if they are identical.

Otherwise, use first bit.

Efficiency?
John von Neumann

Page7
Chi Square Test
Experiment with k outcomes, performed n times.
p1, …, pk denote probability of each outcome
Y1, …, Yk denote number of times each outcome occured

Large X2 indicates deviance from random chance

Page8
Analysis of random.org numbers
John Walker’s Ent program

Entropy = 7.999805 bits per character.


Optimum compression would reduce the size of this
1048576 character file by 0 percent.
Chi square distribution for 1048576 samples is
283.61, and randomly would exceed this value
25.00 percent of the times.
Arithmetic mean value of data bytes is 127.46
(127.5 = random).
Monte Carlo value for PI is 3.138961792 (error
0.08 percent).
Serial correlation coefficient is 0.000417
(totally uncorrelated = 0.0

Page9
Analysis of JPEG file
Entropy = 7.980627 bits per character.
Optimum compression would reduce the size of this
51768 character file by 0 percent.
Chi square distribution for 51768 samples is
1542.26, and randomly would exceed this value
0.01 percent of the times.
Arithmetic mean value of data bytes is 125.93
(127.5 = random).
Monte Carlo value for Pi is 3.169834647 (error
0.90 percent).
Serial correlation coefficient is 0.004249
(totally uncorrelated = 0.0).

Page10
Pseudorandom Number Generators
• A pseudorandom number generator (PRNG) is an
algorithm for generating a sequence of numbers
whose properties approximate the properties of
sequences of random numbers.
• The PRNG-generated sequence is not truly
random, because it is completely determined by an
initial value, called the PRNG's seed (which may
include truly random values).
• Although sequences that are closer to truly
random can be generated using hardware random
number generators, pseudorandom number
generators are important in practice for their
speed and reproducibility.
Page11
Pseudorandom Number Generators
• PRNGs are central in applications such as
simulations (e.g. for the Monte Carlo method),
electronic games (e.g. for procedural generation),
and cryptography.
• Cryptographic applications require the output not
to be predictable from earlier outputs.

“Anyone who considers arithmetical


methods of producing random digits
is, of course, in a state of sin.”

- John Von Neumann, 1951


Page12
Simple Visual Test
• Create a visualization of the consecutive tuples of
numbers it produces.
• Humans are really good at spotting patterns.

Page13
Linear Congruential Generator (LCG)
x0 = given, x n+1 = P1 xn + P2 (mod N) n = 0,1,2,... (*)

x 0 =79, N = 100, P 1 = 263, and P 2 = 71

x1 = 79*263 + 71 (mod 100) = 20848 (mod 100) = 48,


x2 = 48*263 + 71 (mod 100) = 12695 (mod 100) = 95,
x3 = 95*263 + 71 (mod 100) = 25056 (mod 100) = 56,
x4 = 56*263 + 71 (mod 100) = 14799 (mod 100) = 99,

Sequence: 79, 48, 95, 56, 99, 8, 75, 96, 68, 36, 39, 28, 35, 76, 59, 88,
15, 16, 79, 48, 95

Park and Miller:


P1 = 16807, P2 = 0, N= 231-1 = 2147483647, x0 = 1.

ANSI C rand():

P1 = 1103515245, P2 = 12345, N = 231, x0 = 12345


Page14
Example Comparison

Page15
Plot (xi, xi+1)

Page16
Plot (xi, xi+1)

Park and Miller

Page17
(xi, xi+1), (xi,xi+2), (xi, xi+2)

http://www.math.utah.edu/~alfeld/Random/Random.html
Page18
Visual Test in 3D
• Three-dimensional plot of 100,000 values
generated with IBM RANDU routine. Each point
represents 3 consecutive pseudorandom values.
• It is clearly seen that the points fall in 15 two-
dimensional planes.

Page19
Matsumoto’s Marsenne Twister

Considered one of the best linear


congruential generators.

http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html

Page20
Example Visual Test

Page21
Cryptographically Strong Pseudorandom
Number Generator

Next-bit test: Given a sequence of bits x1, x2, …, xk,


there is no polynomial time algorithm to generate
xk+1.

Yao [1982]: A sequence that passes the next-bit test


passes all other polynomial-time statistical tests
for randomness.

Page22
Hash/Encryption Chains

Last bit
of xi+1
key Hash or Encryption Function xi+1

xi

(need a random seed x0 or key value)

Page23
Some Cryptographic Hash Functions
• SHA-1 Hash function https://en.wikipedia.org/wiki/SHA-1

• MD5 Hash function https://en.wikipedia.org/wiki/MD5

• These functions are good pseudo-random number


generators and when seeded with a random number
generator, they provide good sequences for use in
algorithm experiments.

Page24
BBS “secure” random bits
BBS (Blum, Blum and Shub, 1984)
– Based on difficulty of factoring, or finding
square roots modulo n = pq.
Fixed For a particular bit seq.
• p and q are primes such • Seed: random x
that p = q = 3 (mod 4) relatively prime to n.
• n = pq (is called a Blum • Initial state: x0 = x2
integer) • ith state: xi = (xi-1)2
• ith bit: lsb of xi
Note that: x 0 =-2 i mod f ( n )
xi (mod n)
Therefore knowing p and q allows us to find x0 from xi
25
Random Numbers in Python
https://docs.python.org/3/library/random.html

[Review this website]

26

You might also like