Well since we're just arguing semantics, indeed, a random shuffle of a known interval isn't the same thing as a set of random numbers. But I never said they were the same thing. I merely said that it is not any "less random", and indeed it isn't.
A random shuffle is really a random selection from a uniform distribution of the set of all possible permutations on that range of numbers (or N!).
And who said the numbers had to be used for cryptographic purposes? You're adopting a very narrow view of things to make your case, pilgrim.
Any time you impose a restriction on random, you've made it not random.
Well this is just plain false (eg. if I restrict myself to a set of random even numbers, the numbers I've chosen are still random, and indeed, no less random). I think what you meant to say is that for cryptographic purposes, random numbers should only be chosen from a uniform distribution. This is an arguable proposition, especially since many distributions can be translated into one another, and thus any cryptographic function can transform a non-uniform distribution into a uniform one. | [reply] |
A random shuffle is really a random selection from a uniform distribution of the set of all possible permutations on that range of numbers (or N!).
This assumes that you're chosing one member from the interval. However, even this has a gotcha or two. If you do this on a large scale, an attacker will surely notice that all of your "random" numbers come from the same interval and exploit this fact.
Moreover, in terms of randomness, a random shuffle and just choosing a random number are vastly different. One is chosing a member from an finite set without replacement, the other is chosing a member from an infinite set with replacement. That is to say that in the true random case, you are just as likely to pick the number that you just picked as you are any other number. In the random shuffle situation, you are guaranteed that this is not the case. An attacker can exploit this, too. For instance, let's say that the interval was [1,4]. As the attacker, you have this knowledge. Furthermore, you've observed, the following numbers go by: 2, 4, 1. What's the next number in the sequence?
And who said the numbers had to be used for cryptographic purposes?
Is there any other use? ;)
thor
Feel the white light, the light within
Be your own disciple, fan the sparks of will
For all of us waiting, your kingdom will come
| [reply] |
| [reply] |
an attacker will surely notice...
Again, you are presuming a cryptographic application. No such presumption is warranted based on the root node.
Moreover, in terms of randomness, a random shuffle and just choosing a random number are vastly different.
What part of "indeed, a random shuffle of a known interval isn't the same thing as a set of random numbers... I never said they were the same thing." was unclear?
... the other is chosing a member from an infinite set with replacement. (emphasis mine)
A random number need not necessarily be chosen from an infinite set. Furthermore, an infinite number of randomly chosen numbers from a finite set is equivalent to a random selection from a continuous interval (infinite set). Therefore, a random shuffle (or multiple random shuffles, depending on the desired cardinality) can be transformed algorithmically into a random number suitable for cryptographic use.
| [reply] |