Author

Topic: Semi-random * random = ? (Read 1740 times)

hero member
Activity: 692
Merit: 569
December 02, 2014, 06:05:20 AM
#13
Try this http://www.issihosts.com/haveged/

Known to generate entropy good enough for Rajnikanth Cheesy
hero member
Activity: 686
Merit: 500
vini, vedi, no vici.
November 17, 2014, 02:56:48 AM
#12
Multiplying random numbers with less random numbers reduces the final number's randomness.

Here's an example. Say you want to generate random numbers mod 4. So you first generate a random number with probability distribution:
Code:
Random number   0   1   2   3
Probability   .25 .25 .25 .25

Now you get another number from elsewhere with this distribution:
Code:
Other number    2   3
Probability   .75 .25

Then your final number's probability will be this (using the multiplication rule):
Code:
Final number    0   1   2   3
Probability   .44 .06 .44 .06

The result is not at all uniform. This same thing will happen with larger numbers, though it might be less noticeable.

The proper way to do this is to use a cryptographically-secure pseudorandom number generator (CSPRNG) and seed it with both the random number and the non-random number. One simple algorithm is to treat the random number as a string, concatenate it with the non-random number, and hash this combined string with a cryptographically-secure hash function. Then convert the hash into a number.

However, you should not implement cryptographic algorithms unless you really know what you're doing. There are all kinds of possible pitfalls. Use a prebuilt CSPRNG from a library like OpenSSL instead.


Watta a pleasant surprise, Mr. Marquardt!
Cheesy
administrator
Activity: 5222
Merit: 13032
November 17, 2014, 01:58:02 AM
#11
Multiplying random numbers with less random numbers reduces the final number's randomness.

Here's an example. Say you want to generate random numbers mod 4. So you first generate a random number with probability distribution:
Code:
Random number   0   1   2   3
Probability   .25 .25 .25 .25

Now you get another number from elsewhere with this distribution:
Code:
Other number    2   3
Probability   .75 .25

Then your final number's probability will be this (using the multiplication rule):
Code:
Final number    0   1   2   3
Probability   .44 .06 .44 .06

The result is not at all uniform. This same thing will happen with larger numbers, though it might be less noticeable.

The proper way to do this is to use a cryptographically-secure pseudorandom number generator (CSPRNG) and seed it with both the random number and the non-random number. One simple algorithm is to treat the random number as a string, concatenate it with the non-random number, and hash this combined string with a cryptographically-secure hash function. Then convert the hash into a number.

However, you should not implement cryptographic algorithms unless you really know what you're doing. There are all kinds of possible pitfalls. Use a prebuilt CSPRNG from a library like OpenSSL instead.
hero member
Activity: 686
Merit: 500
vini, vedi, no vici.
November 17, 2014, 01:27:16 AM
#10
Thanks! I'd downloaded supporting material to learn suggested OTP. Will encrypt something soon
full member
Activity: 196
Merit: 100
November 16, 2014, 10:03:35 AM
#9
Random*semi-random= kind of super random
Why dont you try studying some algorithms?

I'd love to dive-in algorithm world as they based on my love--logic and deduction. Sadly, I don't know how to inject myself into algorithm. All I remember is failing in C++ back in college days as I never understood loops, i, j ,k and  failed make following with codes:

*
**
***
****
*****
******

Now, I feel confident. But, don't know from where and how to start. I've contemplated a lot on algorithm which judges compatibility to two people by analysing their chat sessions and thus reveal digits of mobile number one-by-one as rapport becomes stronger. If interested, I'd love to discuss it.

How you plan to peek my interested in algorithms?
*Excited*  Grin

Well I made this *
**
***
****
*****
****** program in my 7th class.
Why don't you try making one time pads? They are ultra secure.
Hell yeah! One time pads! They are literally unbreakable! Its a 1917 tech, but still useful! Best for encyption
full member
Activity: 210
Merit: 100
November 16, 2014, 02:37:51 AM
#8
Random*semi-random= kind of super random
Why dont you try studying some algorithms?

I'd love to dive-in algorithm world as they based on my love--logic and deduction. Sadly, I don't know how to inject myself into algorithm. All I remember is failing in C++ back in college days as I never understood loops, i, j ,k and  failed make following with codes:

*
**
***
****
*****
******

Now, I feel confident. But, don't know from where and how to start. I've contemplated a lot on algorithm which judges compatibility to two people by analysing their chat sessions and thus reveal digits of mobile number one-by-one as rapport becomes stronger. If interested, I'd love to discuss it.

How you plan to peek my interested in algorithms?
*Excited*  Grin

Well I made this *
**
***
****
*****
****** program in my 7th class.
Why don't you try making one time pads? They are ultra secure.
hero member
Activity: 686
Merit: 500
vini, vedi, no vici.
November 16, 2014, 01:51:01 AM
#7
Random*semi-random= kind of super random
Why dont you try studying some algorithms?

I'd love to dive-in algorithm world as they based on my love--logic and deduction. Sadly, I don't know how to inject myself into algorithm. All I remember is failing in C++ back in college days as I never understood loops, i, j ,k and  failed make following with codes:

*
**
***
****
*****
******

Now, I feel confident. But, don't know from where and how to start. I've contemplated a lot on algorithm which judges compatibility to two people by analysing their chat sessions and thus reveal digits of mobile number one-by-one as rapport becomes stronger. If interested, I'd love to discuss it.

How you plan to peek my interested in algorithms?
*Excited*  Grin
full member
Activity: 210
Merit: 100
November 15, 2014, 09:04:13 AM
#6
Random*semi-random= kind of super random
Why dont you try studying some algorithms?
hero member
Activity: 686
Merit: 500
vini, vedi, no vici.
November 15, 2014, 12:42:27 AM
#5
CounterEntropy suggesting way to achieve high degree of entropy. Ironic! Tongue

Thanks buddy! I'll take a lot to understand better and apply same.
full member
Activity: 214
Merit: 278
November 14, 2014, 05:17:04 PM
#4
I'm planning to use inbuilt library to generate random seed for private key. But, I don't trust randomness created by some other source as it is impossible for be to assess whether particular number is random or not. Therefore, I've decided to take inputs from every changing variables like- temperature, date and time, humidity, etc and then multiply that number with random one provided by in-built library.

How effective is this approach to secure large amount of coins?
Anything else, I can attempt an to achieve 'impossible' absolute entropy?


If you are looking for a higher degree of entropy, try this => Alpharand; a do it yourself Quantum Random Number Generator using alpha decay
hero member
Activity: 686
Merit: 500
vini, vedi, no vici.
November 14, 2014, 10:15:13 AM
#3
Temperature and humidity to a great extent are predictable. I made a c program that generated random seeds(atleast for me they were completely random). Ill post that program in a while.

Temperature and humidity are semi-random but if you think carefully then chances are those multiplied with "proposed" random number will hive highly probable random number. This is what I want to make sure here.

Please, post your program here.
full member
Activity: 196
Merit: 100
November 14, 2014, 05:27:03 AM
#2
Temperature and humidity to a great extent are predictable. I made a c program that generated random seeds(atleast for me they were completely random). Ill post that program in a while.
hero member
Activity: 686
Merit: 500
vini, vedi, no vici.
November 13, 2014, 02:09:21 AM
#1
I'm planning to use inbuilt library to generate random seed for private key. But, I don't trust randomness created by some other source as it is impossible for be to assess whether particular number is random or not. Therefore, I've decided to take inputs from every changing variables like- temperature, date and time, humidity, etc and then multiply that number with random one provided by in-built library.

How effective is this approach to secure large amount of coins?
Anything else, I can attempt an to achieve 'impossible' absolute entropy?
Jump to: