14 replies to this topic

[tzecky87]

Hello, I am new to the website. I have a question that hopefully an experienced programmer with a few knowledge in cryptography can answer.

I am thinking about making a website that will have to use a large amount of true random numbers. With RANDOM.ORG - True Random Number Service you can get true random numbers but you have a quota.

I want to know if it is possible to somehow mix a True Random Number Generator with a Pseudo-Random Number Generator. If you use the rand function in java (for example) with a seed that is actually a true random number from random.org and that seed refreshes every 1 hour, will I get true random numbers?

I apologize if the question is stupid. I am not a programmer. Hopefully someone can help me with this, because I want to know if the website is doable.

[marwex89]

The first number you get will be a true random number. All subsequent numbers (until next seed) can theoretically be calculated/looked up based on the first one.

[tzecky87]

Thanks for the answer. The problem is not with them being able to be calculated but with them repeating themselves. If the website will ever be launched, I'll be sure to post a link.

[marwex89]

Well, if you get a true random number (TRN) 5, and use that to seed, the next time you get the TRN 5, the subsequent numbers will repeat themselves.

Quote

The problem is not with them being able to be calculated but with them repeating themselves.

If the next number can be calculated, it implies that they will be repeating themselves

Say you have the following table of pseudo-random numbers:

|1|4|7|9|2|0|4|8|5|8|8|3|2|0|4|5|

If you seed this with TRN 5 (and this is used as an offset into the table), the 7 first random numbers will be:

2,0,4,8,5,8,8

The next time you seed with TRN 5, the 7 first random numbers will also be

2,0,4,8,5,8,8

As you can see, they will repeat themselves.

[WingedPanther]

I think there's some confusion going on here about the nature of random numbers.

Repetition does NOT indicate lack of randomness. For example, if you are generating random integers from 1 through 10, you would expect to find sequences such as 9,9,9,9,9 periodically in the list. It is the human desire to view "different" as the same as "random" that causes us to recoil from a sequence like that as "random".

[marwex89]

Yeah, I was talking about repeating number sequences, not repeating numbers. Just clarifying

EDIT: The original question was if you would get true random numbers when seeding a pseudo-random number generator with a true random number, to which the answer is no.

After all, this is what all programmers do when seeding their pseudo-random number generators. They try to find something random (such as system time) to seed with. The numbers you get are however still pseudo-random, it's just random which part of the pseudo-random-number-list you get. Or is that considered random? I'm getting a bit unsure here..

[tzecky87]

So you would just get to randomly pick between sequences of apparently random numbers.
I'm ok with pseudo-random numbers. The issue is for them not to pass that point when they start repeating themselves. Do you know what the point is?

If we think about the nature of randomness, nothing is really random. Even true random numbers are caused by specific nature events or other thing, we just have no control over them.

[marwex89]

I suppose you would never get any noticeable repeating pattern, as long as you seed with a TRN often enough.

The point where a pseudo-random number generator (PRNG) starts repeating itself varies greatly among the different PRNGs. The well-known PRNG "Mersenne Twister" has a huge period of 2^19937−1. It's widely accepted as a good one, as opposed to the tiny built-in PRNG "rand" of the C-library. It's hard to implement, though, and a bit slow.

At this link: good C random number generator - comp.lang.c | Google Groups George Marsaglia comes up with some good alternatives that supposedly perform as well (or better), but are much faster

EDIT: This link might also be of interest: Mersenne Twister - sci.crypt | Google Groups

Note that I do not know how credible Marsaglia is and if his claims can be taken seriously.

Edited by marwex89, 25 April 2010 - 11:05 AM.

[tzecky87]

Thanks for the info marwex89!

[WingedPanther]

Ultimately, the real question is whether the PRNG will start repeating within a time period that is detectable to the user.

[John]

Winged, do true random numbers actually exist? Or do we just call things random because they are still too computational infeasible to calculate.

[WingedPanther]

Measure the radio-active decay of individual atoms of plutonium, or other such things, are about all we have. Things that are truly random at the quantum level are about all we have.