Embed Size (px)
Citation preview
George LandonChao Shen
Chengdong Li
An IntroductionGeorge Landon
Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin.– John Von Neumann (1951)
IntroductionIntroduction
DefinitionHistoryTypesTests for RandomnessUses
Webster Defines RandomWebster Defines Random
Lacking a definite plan, purpose, or pattern
A set where each of the elements has equal probability of occurrence
Random NumbersRandom Numbers
A sequence in which each term is unpredictable– D. H. Lehmer (1951)
Examples between 1 and 100– 29, 95, 11, 60, 22
History according to KnuthHistory according to KnuthIn times of yore:- Balls were drawn out of well stirred urns
- Dice were rolled
- Cards were dealt
Organizing Random NumbersOrganizing Random Numbers
In 1927, L.H.C Tippet published a table of 40,000 random digitsMechanically Driven– Special Machines were used to generate
random numbersKendall and Babington-Smith (1939)
– Generated a table of 100,000 random digitsRAND Corporation (1955)
– Generated a table of 1,000,000 random digits
TypesTypes
Truly Random
Pseudorandom
Quasi-Random
Truly RandomTruly Random
Follows directly from definition of random.Each element has equal probability of being chosen from the set.
Truly Random ExamplesTruly Random Examples
Randomly emmited particles of radiation– Geiger Counter
Thermal noise from a resistor– Intel’s Random Number Generator
PseudorandomPseudorandom
A finite set of numbers that display qualities of random numbersTests can show that there are patternsSubsequent numbers can be “guessed”
QuasiQuasi--RandomRandom
A series of numbers satisfying some mathematical random properties even though no random appearance is providedGood for Monte-Carlo methods– Lower discrepancies offer better convergence
Some Tests for RandomnessSome Tests for RandomnessEntropy– Information density of the content of a sequence
High density usually means random
Arithmetic MeanChi-square Test– Provides a probability for the randomness for a
sequenceAn example Pseudorandom number test– http://www.fourmilab.ch/random/
Practical UsesPractical Uses
SimulationComputer ProgrammingDecision MakingRecreation
SimulationSimulation
Simulate natural phenomena on a computerUsed for experiments in sterile conditions to make them more realisticUseful in all of the Applied Disciplines
Computer ProgrammingComputer Programming
Test program effectivenessTest algorithm correctness– Instead of all possible inputs use a few random
numbersMicrosoft has used this logic in testing their software
Decision MakingDecision Making
When an “unbiased” decision is needed– Fixed decision can cause some algorithms to
run more slowlyGood way of choosing who goes first– Sporting events
RecreationRecreation
Lottery– Equal odds– The KY Lottery uses Microsoft Excel’s RNG for
“various second chance drawings“
Casinos– Provides a chance for “luck”
Recreation (cont)Recreation (cont)
Video Games– Random events keep games entertaining– Q-bert
ReferencesReferences
3D Project Team. http://icfa3d.web.cern.ch/ICFA3D/3D/html2/node1.htmlENT - A Pseudorandom Number Sequence Test Program. http://www.fourmilab.ch/random/Knuth, D. The Art of Computer Programming –Volume 2. 1971Random.org. http://www.random.org/essay.html
ClassificationChao Shen
Classification of random numbersClassification of random numbers
Truely random numbersPseudo-random numbersQuasi-random numbers
The advantages of true random The advantages of true random numbers numbers
No periodicities. Not based on an algorithm. No predictability of random numbers based on knowledge of preceding sequences. Certainty that no hidden correlations are present.
Example : ZRANDOM Example : ZRANDOM
PseudoPseudo--random number random number generator generator
The pseudo-random number generator requires a number to start with that gets plugged in to the set of equations. After that it uses part of the result from the last time it was used as input to the next iteration. This starting number is called the seed.
Methods for Random Number Methods for Random Number GenerationGeneration
Linear Congruential Generators Lagged Fibonnaci Generators Shift Register Generators Combined Generators
LinearLinear CongruentialCongruential GeneratorsGenerators(LCG)(LCG)
Xi=(aX i-1+c) Mod mwhere m is the modulus, a the multiplier, and c the additive constant or addend. The size of the modulus constrains the period, and it is usually chosen to be either prime or a power of 2. LCGs are not recommended to be used in computer simulations, nor any other purposes which require higher degrees of randomness.
Example ( LCG)Example ( LCG)
Let a=1,c=5,m=16 and x0=1. The sequence of pseudo-random integers generated by this algorithm is: 1,6,15,12,13,2,11,8,9,14,7,4,5,10,3,0,1,6,15,12,13,2,11,8,9,14,….
Improvement of LCGImprovement of LCG
Multiple recursive generators (MRG) Xi=( a1Xi-1+a2Xi-2+….. +akXi-k+b) mod MBy choosing k > 1 will increase the time taken to generate each number, but will greatly improve the period and randomness properties of the generator
LaggedLagged FibonnaciFibonnaci GeneratorsGenerators
LFGs have become popular recently. The name comes from the Fibonacci sequence : 1, 1, 2, 3, 5, 8, ...…(X n = X n-1 + X n-2).LFGs generate random numbers from the following iterative scheme: X n = X n-i X n-k (mod m), i and k are lags, i >k, and is a binary operation.
Shift Register GeneratorsShift Register Generators
Shift register (SRG) generators are generally used in a form where they can be considered as a special case of a laggedFibonacci generator using XOR. XOR gives by far the worst randomness properties of any operation for an LFG, so these generators are not recommended.
Combined GeneratorsCombined Generators
Better quality sequences can often be obtained by combining the output of the basic generators to create a new random sequence as : Zn= Xn Yn
where is typically either the exclusive-or operator or addition modulo some integer m, and x and y are sequences from two independent generators.
Requirements for Sequential Random Requirements for Sequential Random Number GeneratorsNumber Generators
uniformly distributeduncorrelatednever repeats itselfsatisfy any statistical test for randomnessreproduceable portable
Requirements for Sequential Random Requirements for Sequential Random Number GeneratorsNumber Generators
(continue)(continue)
can be changed by adjusting an initial “seed”valuecan easily be split into many independent subsequencescan be generated rapidly using limited computer memory
Parallel Random Number Parallel Random Number GeneratorsGenerators
Many different parallel random number generators have been proposed, but most of them use the same basic concept, which is to parallelize a sequential generator by taking the elements of the sequence of pseudo-random numbers it generates and distributing them among the processors in some way.
The Leapfrog MethodThe Leapfrog Method
Ideally we would like a parallel random number generator to produce the same sequence of random numbers for different numbers of processors. A simple way to achieve this goal is for processor P of an N processor machine to generate the sub-sequenceX P , X P+N , X P+2N , …. ,
Sequence SplittingSequence Splitting
This can be done by splitting the sequence into non-overlapping contiguous sections, each generated by a different processor. X PL , X PL+1 , X PL+2 , …,Generators that apply leapfrog and sequence splitting method
Independent SequencesIndependent Sequences
This method is similar to sequence splitting, in that each processor generates a different, contiguous section of the sequence. However in this case the starting point in the sequence is chosen at random for each processor, rather than computed in advance using a regular increment.
Requirements for Parallel Random Requirements for Parallel Random Number GeneratorsNumber Generators
there should be no inter-processor correlation sequences generated on each processor should satisfy the qualities of serial random number generators it should generate same sequence for different number of processors it should work for any number of processorsthere should be no data movement between processors
Suggestions on choosing Suggestions on choosing RNGsRNGs
Never trust a parallel random number generator. In particular, never trust the default random number generator provided with the system you are using.If a generator is shown to fail a certain empirical test, that does not necessarily mean that it will also perform poorly for your application, or the results you spent many months gathering using that generator are now invalid.
RecommendationsRecommendationsfor sequential RNGS for sequential RNGS
A multiplicative lagged Fibonacci generator with a lag of at least 127, and preferably 1279 or more.A 48-bit or preferably 64-bit linear congruentialgenerator that performs well in the Spectral Test and has a prime modulus.A 32-bit (or more) combined linear congruentialgenerator, with well-chosen parameters.If speed is an issue, use an additive lagged Fibonaccigenerator with a lag of at least 1279.
Recommendations Recommendations for parallel for parallel RNGsRNGs
A combined linear congruential generator using sequence splitting;A lagged Fibonacci generator, although great care must be exercised in the initialization procedure, to ensure that the seed tables on each processor are random and uncorrelated.
Test for RandomnessTest for Randomnessimport java.util.Random;
class RandomTest {
public static void main (String args[]) {
int[] ndigits = new int[10];
double x;
int n;
Random myRandom = new Random();
// Initialize the array
for (int i = 0; i < 10; i++) {
ndigits[i] = 0;
}
continuecontinuefor (long i=0; i < 100000; i++) {
// generate a new random number between 0 and 9
x = myRandom.nextDouble() * 10.0;
n = (int) x;
//count the digits in the random number
ndigits[n]++;
}
for (int i = 0; i < 10; i++) {
System.out.println(i+": " + ndigits[i]);}
}
}
Sample outputSample output
0: 10171 1: 9724 2: 9966 3: 10065 4: 9989 5: 10132 6: 10001 7: 10158 8: 98879: 9907
Random number generator in Random number generator in MatlabMatlab
Y = randn(m,n) or Y = randn([m n]) returns an m-by-n matrix of random entries.Y = randn(m,n,p,...) or Y = randn([m n p...]) generates random arrays.Y = randn(size(A)) returns an array of random entries that is the same size as A.randn, by itself, returns a scalar whose value changes each time it's referenced.
Example: x=Example: x=randnrandn(100,50)(100,50)
Recommended Random Number Recommended Random Number Generator SoftwareGenerator Software
Combined linear congruential generators with parameters recommended by L'Ecuyer, parallelized using sequence splitting. * RANECU from CERNLIBLagged Fibonacci generator using ultiplication, parallelized using independent sequences. * FIBMULT from Syracuse UniversityLagged Fibonacci generator using addition, parallelized using independent sequences. Be sure to use the largest possible lag. *Scalable Parallel Random Number Generator (SPRNG) Library from NCSA *FIBADD from Syracuse University
Online ReferenceOnline Reference
http://www.uni-karlsruhe.de/~RNG/http://archive.ncsa.uiuc.edu/Apps/CMP/RNG/www-rng.htmlhttp://webnz.com/robert/true_rng.htmlhttp://www.compapp.dcu.ie/~hruskin/RanNumb.ppthttp://wwws.irb.hr/~stipy/random/essay.html http://www.cs.adelaide.edu.au/users/paulc/papers/NHSEre view1.1/PRNGreview.pdfhttp://www.elec.rdg.ac.uk/staff_postgrads/academic/jbg/teaching/ random.html
continuecontinue
http://archive.ncsa.uiuc.edu/Apps/SPRNG/www/generators.htmlhttp://home.t-online.de/home/p.westphal/zran_eng.htm http://mandala.co.uk/links/random/
ApplicationChengdong Li
Application of random number Application of random number in different areas in different areas
Control/test of gambling machinesCreation of lottery numbersEncryption of data (e.g. for communication in the Internet)Generation of code numbers or transaction numbersDigital signaturesDirect use for Monte-Carlo simulations or generation of seed numbersNumeric solution of mathematical problems
Topics covered:Topics covered:
Random number
Computer game cryptography Scientific research
Random number and gameRandom number and game
Why introduce random into Why introduce random into Game?Game?
Interest.Simulating some phenomenon in real world
Examples: Computer gameExamples: Computer game
Computer game (cont.)Computer game (cont.)
Super mario Advance
Example: lotteryExample: lottery
Random number and Random number and CryptographyCryptography
"It is impossible to predict the unpredictable."-Don Cherry
What isWhat is Cryptography?Cryptography?To most people, cryptography means keeping communications private, however, today’s cryptography is more than this:– Encryption
Transform data into a form that is virtually impossible to read without the appropriate knowledge (a key).
– DecryptionTransform encrypted data back into an intelligible form (by an algorithm and a key).
– Digital AuthenticationProvide assurance that communication is from a particular person.
– CertificationProve we know certain information without revealing the information
The application of The application of cryptographycryptography
Build secure protocol and scheme.Provide basic tools for higher application.
Example:Example:
Example (cont.)Example (cont.)
Random source in Random source in CryptographyCryptography
Almost all cryptographic protocols require the generation and use of secret values that must be unknown to attackers. Random number generator (RNG) is required. For example– RNGs are required to generate public/private key pairs
for asymmetric (public key) algorithms including RSA, DSA, and Diffie-Hellman.
– Keys for symmetric and hybrid cryptosystems are also generated randomly.
– RNGs are also used to create challenges, nonces (salts), padding bytes, and blinding values. The one time pad –the only provably-secure encryption system – uses as much key material as cipher-text and requires that the key-stream be generated from a truly random process.
A product example:A product example:
Why use random?Why use random?
Secure systems today are built on strong cryptographic algorithms that foil pattern analysis attempts.The security of these systems is dependent on generating secret quantities for passwords, cryptographic keys, and similar quantities.The use of random techniques to generate secret quantities can foil the attacker efficiently.
Desired requirement for Desired requirement for randomrandom
Because security protocols rely on the unpredictability of the keys they use, random number generators for cryptographic applications must meet stringent requirements.The most important is that attackers, including those who know the RNG design, must not be able to make any useful predictions about the RNG outputs.
Mathematical viewMathematical viewThe entropy of the RNG output should be as close as possible to the bit length.Entropy:– According to Shannon, the entropy H of any message or
state is:
– Where Pi is the probability of state i out of n possible states and K is an optional constant to provide units (e.g. 1/log(2) bit).
– In the case of a RNG that produces a k-bit binary result, Pi is the probability that an output will equal i, where 0≤i<2k.
∑=
−=n
iii ppKH
1log
Mathematical view (cont.)Mathematical view (cont.)
– For a perfect RNG, Pi =2-n and the entropy of the output is equal to K bits. This means that all possible outcomes are equally likely, and on average the information can not be represented in a sequence shorter than K bits.
– In contrast, the entropy of typical English alphabetic text is 1.5 bits per character. This is because there is much more correlation between the different bits in commonly used words, and the the words in the text.
Type of Random sourceType of Random source
Two type:– true-random
unconditionally unguessable, even by an adversary with infinite computing resources
– pseudo-randomgood only against computationally limited adversaries
The requirement from different The requirement from different algorithmalgorithm
The frequency and volume of require for random is different:– RSA
Required when key pair is generated, Thereafter, any number of messages can be signed without any further need for randomness.
– DSARequires good random numbers for each signature .
– One time padRequires a volume of randomness equal to all the messages to be processed.
RSARSA
DSA:DSA:
One time pad:One time pad:
⊕
mi
ci zi
k
Encryption
Key
stream
generator
⊕
ci
mizi
k
Decryption
Key
stream
generator
AuthenticationAuthentication
Alice
Bob
I’m Alice
KAlice-Bob{R}
R
Bob authenticate Alice based on a shared secret key KAlice-Bob
How to generate randomness? How to generate randomness? Hardware used to generate truly randomness:– Sound/video input– Disk drive– Mouse event.– Quantum effects in a semiconductor– Unplugged microphone– air turbulence within a sealed disk drive– timing between keystrokes
How to generate randomness? How to generate randomness?
Non-hardware strategy:– Mixing functions
One which combines two or more inputs and produces an output where each output bit is a different complex non-linear function of all the input bits. DES use strong mixing functions.
Example of mixerExample of mixer
Difference of two strategy:Difference of two strategy:
Hardware generation is based on a physical process. The advantages are obvious:– No periodicities.– Not based on an algorithm.– No predictability of random numbers based on
knowledge of preceding sequences.– No hidden correlations are present.– The equipartition fluctuations are purely stochastic.
(Pseudo-random numbers contain systematic, unnatural fluctuations in the equipartition.)
Conclusion:Conclusion:
Generation of unguessable "random" secret quantities for security use is an essential but difficult task. hardware techniques to produce such randomness would be relatively simple In the absence of hardware sources of randomness, a variety of user and software sources can frequently be used instead with care.
Random number in scientific Random number in scientific researchresearch
Example of randomness Example of randomness requiredrequired
For scientific experiments, it is convenient that a series of random numbers can be replayed for use in several experiments, and pseudo-random numbers are well suited for this purpose .Most random number generators produce what is known as “white” noise. Here white means the successive values of the random numbers are not correlated with each other. It has a very “rich”frequency.
ApplicationApplication
White noise and its usageWhite noise and its usage
Feature:– All frequency.
Usage:– DSP and filter– System identification– Simulation.– Spectra analysis.
Useful links:Useful links:http://world.std.com/~cme/P1363/ranno.htmlhttp://www.faqs.org/faqs/cryptography-faq/part04/http://www.mathworks.com/access/helpdesk/help/toolbox/ident/ch3tut63.shtmlhttp://www.rsasecurity.com/products/bsafe/wtlsc.htmlhttp://www.random.org/http://crypto.mat.sbg.ac.at/generators/http://www.faqs.org/faqs/cryptography-faq/part08/http://www.cryptography.com/resources/whitepapers/IntelRNG.pdfhttp://www.geocities.com/SiliconValley/Code/4704/#Randomness
