Usage of randomness (i.e. non-predictable data, usually in the form of bits or numbers) for cryptographic purposes.
For generating random numbers, see random-number-generator instead.
Questions tagged [randomness]
549 questions
15
votes
3 answers
What is the use of REAL random number generators in cryptography?
I understand the use of pseudo-random number generators. I am not getting mixed up between these and "real" random number generators.
However, I don't understand for what a real random number generator is used.
If it is not deterministic, how can it…
liamzebedee
- 325
- 2
- 7
5
votes
2 answers
uuidgen has consistent 13th digit and it's 4
I ran uuidgen 10k times and noticed that the 13th digit is always 4.
Why is that?
mafonya
- 165
- 5
5
votes
3 answers
Is this truly a TRNG?
As an appendix for my bachelor thesis, I proposed a solution for a TRNG that uses JPEG images as entropy source.
It's open source and available on GitHub.
My question is:
can this be really considered as a TRNG?
Obviously I tried to create a TRNG…
Riccardo Leschiutta
- 251
- 1
- 6
4
votes
1 answer
Proving von Neumann extractor correct
Von Neumann extractor works as follows:
Suppose $C$ is a biased coin, with $p = P[C = 1] > P[C = 0]$ and let $b_1b_2\ldots$ be sequence of results by independent coin tosses. For $i \ge 0$ one observes $b_{2i}b_{2i+1}$. If the two bits differ then…
user1868607
- 1,243
- 12
- 29
4
votes
8 answers
How to convert a set of sequential integers into a set of unique random numbers?
I have a set of sequential and non-duplicate integers which I would like to convert into a set of non-duplicate random integers.
What I want to achieve is this - I have a list of sequential numbers like below
[1, 2, 3, 4, 5, 6, 7, 8, 9]
This list…
Suhas
- 253
- 3
- 10
4
votes
1 answer
Exactly how bad is using 'mod' to clamp reduce numbers to a given range?
Let's say I'm naive and want to generate a random integer in the range [0, m), so I do the following:
k = cryptographically_secure_rng() % m
where cryptographically_secure_rng returns a random integer in the range [0,n).
Obviously, assume m <=…
user541686
- 1,349
- 1
- 11
- 23
4
votes
1 answer
Is a subset of a random set still random?
Suppose you have an infinite list of random bytes, and you select the first N bytes that correspond to printable ASCII characters. Is this list of N bytes still as secure (e.g. for the purpose of a crypto secret or salt) as accepting all of the…
jonleighton
- 143
- 2
4
votes
3 answers
Weak physical random number generator/source - what is this?
Why physical random number source can be weak? I see two kinds of problems:
it is hard to control it and make it resistant to some unwanted bias, but also deliberate attacks,
it has normal distributuon, while we usually want to have uniform…
Tom
- 1,221
- 6
- 16
3
votes
2 answers
NIST randomness test p values
I have a binary sequence of length $2^{20}$. I am using the NIST statistical test, assess.
What should be taken for ./assess and How many bitstreams? in this test?
In the final Analysis report, what p-values should be there to pass this test?
str
- 47
- 5
3
votes
5 answers
Is there a definition of the pseudo-random sequences like PRG or PRF in cryptography?
I have learned the definition of PRGs and PRFs. As I know the meaning of pseudoreandomness. I think that the pseudo-random sequence and the truly random sequence are indistinguishable.
I did not find a definition of the pseudo-random sequences. And…
Blanco
- 1,622
- 1
- 10
- 20
3
votes
2 answers
How to efficiently generate a stream of independent, but biased random bits?
Usually, in cryptography, one is interested in debiasing a stream of independent (true) random bits, and several algorithms exist to do this. What about the converse? Let's assume I have a stream of independent and unbiased random bits at my…
cryptopathe
- 1,185
- 8
- 13
3
votes
1 answer
How long random value is required in random masking method?
I heard that random masking method requires a random number whose length is as long as a message to be sent, but I’m not sure that. So, I'd like to ask about that.
1. Boolean masking : $ x_i \oplus r_i$
Assume that a message is $ (x_7, x_6, \cdots…
user2642459
- 161
- 3
3
votes
4 answers
secretKey ⊕ (secretKey ≪ 1), is randomness lost?
A truly random secret key is run through a cipher
secretKey ⊕ (secretKey ≪ 1)
is randomness lost? As in, is the computational cost to guess the ciphertext from secretKey ⊕ (secretKey << 1) lower than the cost to guess secretKey?
lsh
- 41
- 2
3
votes
0 answers
Computational Randomized Encoding in the hybrid proof
A computational randomized encoding scheme $(\textrm{RE.Encode}, \textrm{RE.Decode})$ works as follows:
$\textrm{RE.Encode}(1^\lambda, C, x, r)$: takes as input the security parameter $\lambda$ in unary, a circuit $C$, the input string $x$, and the…
CryptoLover
- 932
- 1
- 6
- 19
2
votes
2 answers
Advantage of Adversary against a simple function?
Attacker has to win following game by distinguishing that output was updated by a certain function or not?
Attacker queries an oracle for the output.
Oracle generates fresh 4 random bytes $a$, $b$, $c$, and $d$ and one random bit $x$.
if $x=0$,…
elonnoe
- 23
- 3