Title: Random Value Pedantry Post by: alan2here on August 13, 2013, 04:20:29 PM I've seen some talk about this recently, I thought I better check my assertions.
Also, this is not about the recent Android wallet issues, which was about random numbers, but was a bug. Take 3 available functions, they all on request within 1/100th of a second generate 64 random bits. A: Uses a standard common generator. B: Uses one of the best open source cryptographically oriented generators instructed to take all allocated time to generate the value. C: Uses a web service that receives values from decay of an alpha source. Can I tell to a statistically significant degree, which generated a given group of bits? Manually? No Using any available software? I don't know. Using any available software between B and C? I imagine not. So, even if definitive proof exists/arrises that C uses a fundamentally random process, is it ever relevant that B is only 'sudo' random? Title: Re: Random Value Pedantry Post by: EmperorBob on August 13, 2013, 09:05:49 PM http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator (http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator) is what you're looking for.
By definition, a good pseudorandom number generator is indifferentiable from a true random source. |