[Python-ideas] Should our default random number generator be secure?
Robert Kern
robert.kern at gmail.com
Thu Sep 10 19:29:22 CEST 2015
On 2015-09-10 00:15, Nathaniel Smith wrote:
> On Wed, Sep 9, 2015 at 3:19 PM, Tim Peters <tim.peters at gmail.com> wrote:
>> The Twister's provably perfect equidistribution across its whole
>> period also has its scary sides. For example, run random.random()
>> often enough, and it's _guaranteed_ you'll eventually reach a state
>> where the output is exactly 0.0 hundreds of times in a row. That will
>> happen as often as it "should happen" by chance, but that's scant
>> comfort if you happen to hit such a state. Indeed, the Twister was
>> patched relatively early in its life to try to prevent it from
>> _starting_ in such miserable states. Such states are nevertheless
>> still reachable from every starting state.
> This criticism seems a bit unfair though -- even a true stream of
> random bits (e.g. from a true unbiased quantum source) has this
> property, and trying to avoid this happening would introduce bias that
> really could cause problems in practice. A good probabilistic program
> is one that has a high probability of returning some useful result,
> but they always have some low probability of returning something
> weird. So this is just saying that most people don't understand
> probability. Which is true, but there isn't much that the random
> module can do about it :-)
The MT actually does have a problem unique to it (or at least to its family of
Generalized Feedback Shift Registers) where a state with a high proportion of 0
bits will get stuck in a region of successive states with high proportions of 0
bits. Other 623-dimensional equidistributed PRNGs will indeed come across the
same states with high 0-bit sequences with the frequency that you expect from
probability, but they will be surrounded by states with dissimilar 0-bit
proportions. This problem isn't *due* to equidistribution per se, but I think
Tim's point is that you are inevitably due to hit one such patch if you sample
long enough.
Robert Kern
"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco
More information about the Python-ideas
mailing list