[A83] Re: Randomization


It depends what you mean.  I haven't seen anything that suggests that linear
congruential is a flawed method.  Not being a mathematician or a
cryptologist, I can't speak on its effectiveness.  That said, if Knuth
wrote about it, and advocates it, then that's enough for me.  If you read
about it in his book (I haven't, but I trust online sources), then you can
see the mathematical proofs behind it.  His books have a lot more than just
a list of algorithms.  They explain, in great detail, how and why things
work.  Given proper parameters, the function will provide a long run of
statistically correct (evenly distributed) random numbers.  However, because
it is an algorithm generating the values, with knowledge of the algorithm
and enough data, it should be possible to determine the parameters and be
able to correctly predict subsequent values in the sequence.

Thus, for cryptographic purposes, you need a more secure way of generating
values.  You do this by combining conventional algorithms, such as this one,
with collected data that is very difficult or impossible to predict.  As I
mentioned in another post, several operating systems, such as Linux, provide
this for you.  If you've ever generated a public/private key pair for use
with SSL, PGP or something similar, then you may have noticed behavior that
is not found in most programs.  For example, the key generator in SecureCRT
(I recommend using PuTTY, as it's free) has you move your mouse around to
generate the necessary entropy.

The calculator's generator more than likely uses the linear congruential
method, as it's based on seeds.  Time is a good way to pick a starting seed.
You need something that will change.  For example, you might display a title
screen when a program starts.  Start a timer when the screen is displayed,
and note how long it takes for the user to press a key.  This value can be
used as the starting seed value for the random number generator.

> So is it possible to create a random number generator that's more complex
> than the calculator's random number generator?
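An added illustration of the point made above (example code written for this archive page, not the poster's): a small linear congruential generator with constructed parameters, a solver that recovers a and c from three consecutive outputs once the modulus is known (the "determine the parameters" step the post describes), and `secrets` as the entropy-backed alternative for key material.

```python
import secrets
from typing import List, Optional, Tuple

# Constructed parameters for illustration only (any full-period LCG would do).
M = 2 ** 31
A = 1103515245
C = 12345


def lcg(seed: int, n: int, a: int = A, c: int = C, m: int = M) -> List[int]:
    """First n outputs of the recurrence x_{k+1} = (a * x_k + c) mod m.

    Each output is the whole internal state, so the stream is a pure
    function of (seed, a, c, m): same seed, same sequence.
    """
    x, out = seed % m, []
    for _ in range(n):
        x = (a * x + c) % m
        out.append(x)
    return out


def recover_a_c(x1: int, x2: int, x3: int, m: int) -> Optional[Tuple[int, int]]:
    """Solve for (a, c) from three consecutive outputs and a known modulus.

    x3 - x2 == a * (x2 - x1) (mod m), so a follows whenever x2 - x1 is
    invertible mod m; then c = x2 - a * x1 (mod m).
    """
    d = (x2 - x1) % m
    try:
        inv = pow(d, -1, m)          # modular inverse (Python 3.8+)
    except ValueError:
        return None                  # not invertible: need other samples
    a = ((x3 - x2) * inv) % m
    c = (x2 - a * x1) % m
    return a, c


def predict_next(x: int, a: int, c: int, m: int) -> int:
    """With the parameters known, the next output is fully determined."""
    return (a * x + c) % m


def crypto_value(m: int = M) -> int:
    """What the post recommends for keys: OS-collected entropy, not a recurrence."""
    return secrets.randbelow(m)


if __name__ == "__main__":
    xs = lcg(seed=42, n=4)                      # the "enough data" of the post
    a, c = recover_a_c(xs[0], xs[1], xs[2], M)
    print(a == A and c == C, predict_next(xs[2], a, c, M) == xs[3])
```

The statistical quality of the stream is irrelevant here: an observer who knows the method and sees a few outputs reproduces the rest exactly, which is why the timer-based seed helps a game but not a key generator.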
