Random number generation, simple question.
Mitchell Morris
mmorris at mindspring.com
Mon Jul 3 12:41:54 EDT 2000
kalle at gnupung.net (Kalle Svensson) wrote in
<Pine.GSO.4.21.0007031546410.25965-100000 at luna.dsv.su.se>:
>Hello.
>
>I have a few questions about the (pseudo) random number generator supplied
>in the standard library. I need 80 random bits (for a CipherSaber IV) but
>I hear most RNG's only supply 32 bits or less. My questions are:
>
> * How many random bits does whrandom.random() generate?
I don't have the references from whrandom handy, but (a) I can flip through
my Knuth book (flip, flip, flip) to see that there are several constants by
which you can get an LCM to generate 2^32 values each of which could be 32
bits long, and (b) Wichmann-Hill is rather more advanced than an LCM, so 32
*2^32 should be considered a reasonable lower limit. Since you only need 80
or so, you should be okay.
> * Suppose I do a loop where I get a byte at a time and then re-seed the
> generator either with random numbers from the generator or with values
> from time. Will that improve the randomness?
The short answer is (a) no, that won't actually improve anything, and (b)
it would be overkill anyway. All you need to do is:
>>> import random
>>> session_key = []
>>> for i in range(10):
...     session_key.append(random.randint(0, 255))
and go about your business normally.
The long answer is you can't generate randomness from nothing, which is
what you're trying to do by reseeding your generator with output from your
generator. If you really need more entropy, you need to find it somewhere
else, perhaps by measuring some physical properties. To answer your next
question, this is what /dev/random does ... it distills single bits of
entropy by measuring a sheaf of physical properties as the system runs,
then mixes them with the bits it already has, and doles them out to you
when asked.
There is a discussion about both of these in the design of Yarrow
(http://www.counterpane.com/yarrow-notes.html) which may be of interest to
you if you're looking to further your knowledge of your ignorance of
generating pseudo-random numbers.
> * Are there better alternatives? I understand I could read from
> /dev/random on Linux, but this isn't portable, and even though I only
> use GNU/Linux myself, I have friends who don't. If anyone can tip me
> off about a similar feature in Win32, I could just detect platform and
> use the appropriate function, of course. I don't think I have to care
> about Macs or other *NIX dialects. Phew... :)
>
>Hope I'm making sense even though I hardly understand what I'm talking
>about... :)
>
>TIA,
> Kalle Svensson
It's been a while since I looked at CipherSaber, but as I recall you only
need entropy for the session key. You will probably find that almost any
silly stupid PRNG will suffice for that, and most operating systems will
provide you a silly stupid one.
My knee-jerk response is don't use rand()/srand() if random()/srandom() are
available. I suspect, and this is completely without analysis, that
whrandom.random() will be more than enough for this exercise.
If human lives are at stake, however, you really should try to educate
yourself further so you can make your own analysis of the risks involved.
HTH. HAND.
+Mitchell
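Two points in this thread can be shown in a few lines: the reseed-from-your-own-output loop the question proposes is a deterministic function of the original seed (so it adds no entropy, as the reply says), and the portability question has a direct answer on any Python that ships `os.urandom` (Unix reads the kernel's /dev/urandom pool, Windows uses the system CSPRNG) and the `secrets` module. The code below is an added example, not code from the thread or from Python's own documentation; it assumes a current Python 3 and constructs its own seed values.

```python
import os
import random
import secrets


def reseeded_bytes(seed, count):
    """Emulate the loop from the question: draw one byte, then reseed the
    generator with a value taken from the generator itself.

    Every reseed value is derived from the current state, which is itself
    derived from `seed`, so the whole output is a deterministic function of
    the initial seed. No entropy is created by the reseeding."""
    rng = random.Random(seed)
    out = []
    for _ in range(count):
        out.append(rng.randint(0, 255))
        # "re-seed the generator with random numbers from the generator"
        rng.seed(rng.getrandbits(32))
    return bytes(out)


def reseeding_is_deterministic(seed=12345, count=10):
    """Two runs with the same constructed seed give identical key bytes."""
    return reseeded_bytes(seed, count) == reseeded_bytes(seed, count)


def session_key_from_os(nbits=80):
    """Portable OS entropy for the 80-bit session key / IV the question asks
    for: os.urandom is backed by the operating system's randomness source on
    both Unix and Win32, so no platform detection is needed."""
    if nbits % 8:
        raise ValueError("nbits must be a multiple of 8")
    return os.urandom(nbits // 8)


def session_key_from_secrets(nbits=80):
    """Same thing through the secrets module, which is the documented
    interface for security-sensitive random values."""
    if nbits % 8:
        raise ValueError("nbits must be a multiple of 8")
    return secrets.token_bytes(nbits // 8)


if __name__ == "__main__":
    print("reseeding deterministic:", reseeding_is_deterministic())
    print("os.urandom key:", session_key_from_os().hex())
    print("secrets key:   ", session_key_from_secrets().hex())
```

`reseeding_is_deterministic` is the check to run if you are tempted by the reseed loop: identical output from identical seeds means the loop's security rests entirely on how the first seed was chosen. The two key functions return 10 bytes, the 80 bits the question asks for, and raise on a bit count that is not byte-aligned rather than silently rounding.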