in reply to Cryptographically Secure Psuedorandom Number Genergator - PRNG?

No PRNG is ever CS. Proof: If you know the seed, you know all values. If you don't know the seed, where does it come from? From a PRNG? Same problem applies. From a truly random source? This source would be better CS. Else it could be worked out. Then why the PRNG? From a secret key? Where does that come from?

Re^2: Cryptographically Secure Psuedorandom Number Genergator - PRNG?
by radiantmatrix (Parson) on Jun 20, 2005 at 20:58 UTC

    Your proof demonstrates only that no PRNG is truly random: we already know this, and that's why it's called a Pseudo-random number generator.

    Cryptographically Secure means that the randomness has no easily discernible pattern, and has a very long period -- that is, you don't start demonstrating any pattern until a whole lot of numbers have been generated.

    Gathering entropy from a random (or "random enough") source for seeding doesn't make for a better source of random numbers; gathering entropy is time-intensive, but if we only do it once and then use a CSPRNG to generate further PR values, you end up with reasonable performance. Besides, you use the seed and then throw it away; as long as no one can derive the seed (with ISAAC, it is 256 32-bit values, so it's tough to brute-force), it's fantastically hard to duplicate the string of random values.

    I strongly suggest that you research CSPRNG tech -- yes, it isn't as good as using a hardware RNG (or a Lava Lamp) as a source of entropy, but it is a good enough simulation that the numbers generated are random enough for cryptography. Not every application can implement a true RNG.

    Yoda would agree with Perl design: there is no try{}
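The seed-once-then-expand pattern radiantmatrix describes, as an added example that is not part of the thread and not ISAAC itself: a toy HMAC-SHA256 counter-mode generator stands in for the CSPRNG, the seed is 256 32-bit words pulled once from the OS entropy pool (the slow step), and the same seed reproduces the same stream, which is exactly the original poster's "proof". The class and function names are my own.

```python
import hashlib
import hmac
import os
import struct

SEED_WORDS = 256  # ISAAC accepts up to 256 32-bit seed words, as the reply notes


class HmacCounterPrng:
    """Toy CSPRNG for illustration: block i = HMAC-SHA256(key, i).

    Not a vetted DRBG; it only shows the seed-then-expand structure.
    """

    def __init__(self, seed: bytes) -> None:
        # Assumption: the caller gathered `seed` from a real entropy source.
        self._key = hashlib.sha256(seed).digest()  # absorb the seed once
        self._counter = 0
        self._buffer = b""

    def next_u32(self) -> int:
        """Return the next 32-bit word, generating a fresh block when needed."""
        if len(self._buffer) < 4:
            msg = self._counter.to_bytes(8, "big")
            self._buffer += hmac.new(self._key, msg, hashlib.sha256).digest()
            self._counter += 1
        word, self._buffer = self._buffer[:4], self._buffer[4:]
        return struct.unpack(">I", word)[0]


def gather_seed(n_words: int = SEED_WORDS) -> bytes:
    """Slow, one-time step: pull n_words * 4 bytes from the OS entropy pool."""
    return os.urandom(4 * n_words)


def stream(seed: bytes, count: int) -> list[int]:
    """Expand one seed into `count` 32-bit outputs."""
    rng = HmacCounterPrng(seed)
    return [rng.next_u32() for _ in range(count)]


def seed_determines_stream(seed: bytes, count: int = 8) -> bool:
    """The thread's 'proof': whoever knows the seed can reproduce every output."""
    return stream(seed, count) == stream(seed, count)


if __name__ == "__main__":
    seed = gather_seed()
    rng = HmacCounterPrng(seed)
    del seed  # drop our reference; Python cannot promise the bytes are wiped
    print([hex(rng.next_u32()) for _ in range(4)])
```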