George Landon Chao Shen Chengdong Li

Transcription

1 George Landon Chao Shen Chengdong Li

2 An Introduction George Landon

3 Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin. John Von Neumann (1951)

4 Introduction Definition History Types Tests for Randomness Uses

5 Webster Defines Random Lacking a definite plan, purpose, or pattern A set where each of the elements has equal probability of occurrence

6 Random Numbers A sequence in which each term is unpredictable D. H. Lehmer (1951) Examples between 1 and , 95, 11, 60, 22

7 History according to Knuth In times of yore: - Balls were drawn out of well stirred urns - Dice were rolled - Cards were dealt

8 Organizing Random Numbers In 1927, L.H.C Tippet published a table of 40,000 random digits Mechanically Driven Special Machines were used to generate random numbers Kendall and Babington-Smith (1939) Generated a table of 100,000 random digits RAND Corporation (1955) Generated a table of 1,000,000 random digits

9 Types Truly Random Pseudorandom Quasi-Random

10 Truly Random Follows directly from definition of random. Each element has equal probability of being chosen from the set.

11 Truly Random Examples Randomly emmited particles of radiation Geiger Counter Thermal noise from a resistor Intel s Random Number Generator

12 Pseudorandom A finite set of numbers that display qualities of random numbers Tests can show that there are patterns Subsequent numbers can be guessed

13 Quasi-Random A series of numbers satisfying some mathematical random properties even though no random appearance is provided Good for Monte-Carlo methods Lower discrepancies offer better convergence

14 Some Tests for Randomness Entropy Information density of the content of a sequence High density usually means random Arithmetic Mean Chi-square Test Provides a probability for the randomness for a sequence An example Pseudorandom number test

15 Practical Uses Simulation Computer Programming Decision Making Recreation

16 Simulation Simulate natural phenomena on a computer Used for experiments in sterile conditions to make them more realistic Useful in all of the Applied Disciplines

17 Computer Programming Test program effectiveness Test algorithm correctness Instead of all possible inputs use a few random numbers Microsoft has used this logic in testing their software

18 Decision Making When an unbiased decision is needed Fixed decision can cause some algorithms to run more slowly Good way of choosing who goes first Sporting events

19 Recreation Lottery Equal odds The KY Lottery uses Microsoft Excel s RNG for various second chance drawings Casinos Provides a chance for luck

20 Recreation (cont) Video Games Random events keep games entertaining Q-bert

21 References 3D Project Team. e1.html ENT - A Pseudorandom Number Sequence Test Program. Knuth, D. The Art of Computer Programming Volume Random.org.

22 Classification Chao Shen

23 Classification of random numbers Truely random numbers Pseudo-random numbers Quasi-random numbers

24 The advantages of true random No periodicities. numbers Not based on an algorithm. No predictability of random numbers based on knowledge of preceding sequences. Certainty that no hidden correlations are present.

25 Example : ZRANDOM

26 Pseudo-random number generator The pseudo-random number generator requires a number to start with that gets plugged in to the set of equations. After that it uses part of the result from the last time it was used as input to the next iteration. This starting number is called the seed.

27 Methods for Random Number Generation Linear Congruential Generators Lagged Fibonnaci Generators Shift Register Generators Combined Generators

28 Linear Congruential Generators (LCG) X i =(ax i-1 +c) Mod m where m is the modulus, a the multiplier, and c the additive constant or addend. The size of the modulus constrains the period, and it is usually chosen to be either prime or a power of 2. LCGs are not recommended to be used in computer simulations, nor any other purposes which require higher degrees of randomness.

29 Example ( LCG) Let a=1,c=5,m=16 and x 0 =1. The sequence of pseudo-random integers generated by this algorithm is: 1,6,15,12,13,2,11,8,9,14,7,4,5,10,3,0,1,6,15, 12,13,2,11,8,9,14,.

30 Improvement of LCG Multiple recursive generators (MRG) X i =( a 1 X i-1 +a 2 X i a k X i-k +b) mod M By choosing k > 1 will increase the time taken to generate each number, but will greatly improve the period and randomness properties of the generator

31 Lagged Fibonnaci Generators LFGs have become popular recently. The name comes from the Fibonacci sequence : 1, 1, 2, 3, 5, 8,... (X n = X n-1 + X n-2 ). LFGs generate random numbers from the following iterative scheme: X n = X n-i X n-k (mod m), i and k are lags, i >k, and is a binary operation.

32 Shift Register Generators Shift register (SRG) generators are generally used in a form where they can be considered as a special case of a lagged Fibonacci generator using XOR. XOR gives by far the worst randomness properties of any operation for an LFG, so these generators are not recommended.

33 Combined Generators Better quality sequences can often be obtained by combining the output of the basic generators to create a new random sequence as : Z n =X n Y n where is typically either the exclusive-or operator or addition modulo some integer m, and x and y are sequences from two independent generators.

34 Requirements for Sequential Random Number Generators uniformly distributed uncorrelated never repeats itself satisfy any statistical test for randomness reproduceable portable

35 Requirements for Sequential Random Number Generators (continue) can be changed by adjusting an initial seed value can easily be split into many independent subsequences can be generated rapidly using limited computer memory

36 Parallel Random Number Generators Many different parallel random number generators have been proposed, but most of them use the same basic concept, which is to parallelize a sequential generator by taking the elements of the sequence of pseudo-random numbers it generates and distributing them among the processors in some way.

37 The Leapfrog Method Ideally we would like a parallel random number generator to produce the same sequence of random numbers for different numbers of processors. A simple way to achieve this goal is for processor P of an N processor machine to generate the subsequence X P, X P+N, X P+2N,.,

38 Sequence Splitting This can be done by splitting the sequence into non-overlapping contiguous sections, each generated by a different processor. X PL, X PL+1, X PL+2,, Generators that apply leapfrog and sequence splitting method

39 Independent Sequences This method is similar to sequence splitting, in that each processor generates a different, contiguous section of the sequence. However in this case the starting point in the sequence is chosen at random for each processor, rather than computed in advance using a regular increment.

40 Requirements for Parallel Random Number Generators there should be no inter-processor correlation sequences generated on each processor should satisfy the qualities of serial random number generators it should generate same sequence for different number of processors it should work for any number of processors there should be no data movement between processors

41 Suggestions on choosing RNGs Never trust a parallel random number generator. In particular, never trust the default random number generator provided with the system you are using. If a generator is shown to fail a certain empirical test, that does not necessarily mean that it will also perform poorly for your application, or the results you spent many months gathering using that generator are now invalid.

42 Recommendations for sequential RNGS A multiplicative lagged Fibonacci generator with a lag of at least 127, and preferably 1279 or more. A 48-bit or preferably 64-bit linear congruential generator that performs well in the Spectral Test and has a prime modulus. A 32-bit (or more) combined linear congruential generator, with well-chosen parameters. If speed is an issue, use an additive lagged Fibonacci generator with a lag of at least 1279.

43 Recommendations for parallel RNGs A combined linear congruential generator using sequence splitting; A lagged Fibonacci generator, although great care must be exercised in the initialization procedure, to ensure that the seed tables on each processor are random and uncorrelated.

44 Test for Randomness import java.util.random; class RandomTest { public static void main (String args[]) { int[] ndigits = new int[10]; double x; int n; Random myrandom = new Random(); // Initialize the array for (int i = 0; i < 10; i++) { ndigits[i] = 0; }

45 for (long i=0; i < ; i++) { } continue // generate a new random number between 0 and 9 x = myrandom.nextdouble() * 10.0; n = (int) x; //count the digits in the random number ndigits[n]++; for (int i = 0; i < 10; i++) { } } System.out.println(i+": " + ndigits[i]);}

46 0: : : : : : : : : : 9907 Sample output

47 Random number generator in Matlab Y = randn(m,n) or Y = randn([m n]) returns an m-by-n matrix of random entries. Y = randn(m,n,p,...) or Y = randn([m n p...]) generates random arrays. Y = randn(size(a)) returns an array of random entries that is the same size as A. randn, by itself, returns a scalar whose value changes each time it's referenced.

48 Example: x=randn randn(100,50)

49 Recommended Random Number Generator Software Combined linear congruential generators with parameters recommended by L'Ecuyer, parallelized using sequence splitting. * RANECU from CERNLIB Lagged Fibonacci generator using ultiplication, parallelized using independent sequences. * FIBMULT from Syracuse University Lagged Fibonacci generator using addition, parallelized using independent sequences. Be sure to use the largest possible lag. *Scalable Parallel Random Number Generator (SPRNG) Library from NCSA *FIBADD from Syracuse University

50 Online Reference view1.1/prngreview.pdf aching/ random.html

51 continue html

52 Application Chengdong Li

53 Application of random number in different areas Control/test of gambling machines Creation of lottery numbers Encryption of data (e.g. for communication in the Internet) Generation of code numbers or transaction numbers Digital signatures Direct use for Monte-Carlo simulations or generation of seed numbers Numeric solution of mathematical problems

54 Topics covered: Random number Computer game cryptography Scientific research

55 Random number and game

56 Why introduce random into Game? Interest. Simulating some phenomenon in real world

57 Examples: Computer game

58 Computer game (cont.) Super mario Advance

59 Example: lottery

60 Random number and Cryptography "It is impossible to predict the unpredictable." -Don Cherry

61 What is Cryptography? To most people, cryptography means keeping communications private, however, today s cryptography is more than this: Encryption Transform data into a form that is virtually impossible to read without the appropriate knowledge (a key). Decryption Transform encrypted data back into an intelligible form (by an algorithm and a key). Digital Authentication Provide assurance that communication is from a particular person. Certification Prove we know certain information without revealing the information

62 The application of cryptography Build secure protocol and scheme. Provide basic tools for higher application.

63 Example:

64 Example (cont.)

65 Random source in Cryptography Almost all cryptographic protocols require the generation and use of secret values that must be unknown to attackers. Random number generator (RNG) is required. For example RNGs are required to generate public/private key pairs for asymmetric (public key) algorithms including RSA, DSA, and Diffie-Hellman. Keys for symmetric and hybrid cryptosystems are also generated randomly. RNGs are also used to create challenges, nonces (salts), padding bytes, and blinding values. The one time pad the only provably-secure encryption system uses as much key material as cipher-text and requires that the key-stream be generated from a truly random process.

66 A product example:

67 Why use random? Secure systems today are built on strong cryptographic algorithms that foil pattern analysis attempts. The security of these systems is dependent on generating secret quantities for passwords, cryptographic keys, and similar quantities. The use of random techniques to generate secret quantities can foil the attacker efficiently.

68 Desired requirement for random Because security protocols rely on the unpredictability of the keys they use, random number generators for cryptographic applications must meet stringent requirements. The most important is that attackers, including those who know the RNG design, must not be able to make any useful predictions about the RNG outputs.

69 Mathematical view The entropy of the RNG output should be as close as possible to the bit length. Entropy: According to Shannon, the entropy H of any message or state is: H = K n i= 1 p i log p i Where P i is the probability of state i out of n possible states and K is an optional constant to provide units (e.g. 1/log(2) bit). In the case of a RNG that produces a k-bit binary result, P i is the probability that an output will equal i, where 0 i<2 k.

70 Mathematical view (cont.) For a perfect RNG, P i =2 -n and the entropy of the output is equal to K bits. This means that all possible outcomes are equally likely, and on average the information can not be represented in a sequence shorter than K bits. In contrast, the entropy of typical English alphabetic text is 1.5 bits per character. This is because there is much more correlation between the different bits in commonly used words, and the the words in the text.

71 Type of Random source Two type: true-random unconditionally unguessable, even by an adversary with infinite computing resources pseudo-random good only against computationally limited adversaries

72 The requirement from different algorithm The frequency and volume of require for random is different: RSA Required when key pair is generated, Thereafter, any number of messages can be signed without any further need for randomness. DSA Requires good random numbers for each signature. One time pad Requires a volume of randomness equal to all the messages to be processed.

73 RSA

74 DSA:

75 One time pad: Encryption Decryption m i c i Key Key k stream generator z i c i k stream generator z i m i

76 Authentication I m Alice Alice K Alice-Bob {R} Bob R Bob authenticate Alice based on a shared secret key K Alice-Bob

77 How to generate randomness? Hardware used to generate truly randomness: Sound/video input Disk drive Mouse event. Quantum effects in a semiconductor Unplugged microphone air turbulence within a sealed disk drive timing between keystrokes

78 How to generate randomness? Non-hardware strategy: Mixing functions One which combines two or more inputs and produces an output where each output bit is a different complex non-linear function of all the input bits. DES use strong mixing functions.

79 Example of mixer

80 Difference of two strategy: Hardware generation is based on a physical process. The advantages are obvious: No periodicities. Not based on an algorithm. No predictability of random numbers based on knowledge of preceding sequences. No hidden correlations are present. The equipartition fluctuations are purely stochastic. (Pseudo-random numbers contain systematic, unnatural fluctuations in the equipartition.)

81 Conclusion: Generation of unguessable "random" secret quantities for security use is an essential but difficult task. hardware techniques to produce such randomness would be relatively simple In the absence of hardware sources of randomness, a variety of user and software sources can frequently be used instead with care.

82 Random number in scientific research

83 Example of randomness required For scientific experiments, it is convenient that a series of random numbers can be replayed for use in several experiments, and pseudo-random numbers are well suited for this purpose. Most random number generators produce what is known as white noise. Here white means the successive values of the random numbers are not correlated with each other. It has a very rich frequency.

84 Application

85 White noise and its usage Feature: All frequency. Usage: DSP and filter System identification Simulation. Spectra analysis.

86 Useful links: shtml