I was reading about middle-square method to generate pseudo-random numbers. But one thing that bothered me is that with the same initial seed isn't my pseudo-random number series going to be the same every time. Whereas, it should not be reproducible again no matter what.
For example, if I choose my initial seed to be 1234, my series would be 2343, 4896, 9706, and so on.....
And I'll get the same sequence if I use 1234 as my seed again.
OR
Have I misunderstood the concept in some way? Please clarify this for me.
Related
Given a sequence (ex 1 4 3 5 3 6 .....) and its range (ex 1-10 ), knowing that it is generated from a "Random Generator".
How to know whether that "Random Generator" is pseudo random or true random (Assuming the sequence is infinite).
Obviously, you can't. For one thing -- the only thing you can actually observe is a finite sequence of numbers. Every possible observed sequence will have a non-zero probability of occurring even if the sequence is genuinely random. You can observe 20 tails in a row and that is completely consistent with tossing a genuinely fair coin. Conversely, any finite sequence, no matter how random it looks, can be generated by a deterministic process.
Having said that, there are various statistical tests (most famously the Diehard tests developed by George Marsaglia) which can be applied to a sequence. They can't certify a sequence as random or pseudorandom with certainty, but poorly designed pseudorandom number generators will do poorly on these tests. On the other hand, if a sequence does well on these tests then it will be more or less impossible (without knowing the source of the numbers) to tell if it came from a pseudorandom number generator or a genuinely random source. The entire point of 50+ years of research is to ensure that the answer to your question is effectively "No - you can't tell".
To add to the well written answer of John, I would like to add a few remarks.
First, I do believe that out of every "Random Generator", as you name them, none of the random number that you'll get are truly random. Even further, we do not know a way to procude a true "random" sequence of number. The only true random that you can obtain comes from quantic particles as they are not determinist and can be considered at some extent as random. When you have a website or a program that gives you a random number, it comes from a determinist method, which could theoretically be deduced, if we knew all of the initial conditions. Some of the more "random" algorithms, for example, use the variation of the atmosthere as a way to produce a seemingly random result (see this random generator for example). And yet, if we could get all of the parameters used on an instant T, you could theoretically "guess a random number".
What you can do though, if you do not recognise a pattern in your data, is to do a statistical analysis of your data. As John said, there are numerous methods to recognise a correlation between your random values, and you could get some informations about your data. You could use tools on many mathematical programming tools (Matlab, Maple for example ...) to try to analyse your data. But, in the end, you might never be able to tell with a full certainty the veracity of your results.
So, just like John said, NO, you can't.
When we need a random number we use srand once to initialize the seed and after that we can use rand. Why do we need to seed using srand? For example srand(time(Null)); Can't we just use rand() % 99999? Am I missing something in the concept of these functions?
Here's the thing,
You actually don't need to seed your random number generator. Go ahead, try it without!
BUT, you will always get the same sequence of 'random' numbers.
Pseudo-random number generators such as rand() only generate random-looking sequences. If you just start them from the 'beginning' every time, they will of course look the same.
Seeding the generator is a good way to get numbers that actually appear 'properly' random. If you seed with the time, you are starting somewhere 'random' in the sequence. Note that picking time values close together usually gives two sequences that are also very different.
You can seed with whatever you like. For example, if you have lots of threads using lots of generators, the time is a bad idea because the time may well be the same for multiple threads.
There is no clear 'good' value for the seed, so it is usually not seeded by default. This can also be a good thing if you want to 're-run' a randomised algorithm with exactly the same input: just set the seed to be the same seed.
srand(0) will always return the same deterministic sequence of values, although those values will appear random.
Knowing your seed will allow an attacker to determine every number you generate.
By setting a seed, you effectively create a different sequence.
srand(0) may be entirely acceptable to your needs, if you only need the appearence of random.
I read that seeds are used to initialize random number generators. But seems like the randomness of the seed doesn't matter much for getting good randomness from the generator. So I want to understand what is a seed actually? Why is it called so? And lastly why time in a computer system is used to generate such seeds?
A pseudo-random number generator produces a sequence of numbers. It isn't truly random, but generally a mathematical calculation which produces an output that matches some desirable distribution, and without obvious patterns. In order to produce such a sequence, there must be state stored for the generator to be able to generate the next number in that sequence. The state is updated each time using some part of the output from the previous step.
Seeding explicitly initialises this state. A 'seed' is a starting point, from which something grows. In this case, a sequence of numbers.
This can be used either to always generate the same sequence (by using a known constant seed), which is useful for having deterministic behaviour. This is good for debugging, for some network applications, cryptography, etc.
Or, in situations where you want the behaviour to be unpredictable (always different each time you run a program, a card game perhaps), you can seed with a number likely to be continually changing, such as time.
The 'randomness' of the sequence does not depend on the seed chosen, though it does depend on not reseeding the sequence.
Ok, so this question involves a bit of a forward. Bear with me.
There's this website random.org (and others like it) that claim to use some sort of quantum process or another to produce true random numbers.
If one were to query this site over and over and develop a massive log of true random numbers. This log is then rearranged by a program to mix it up as randomly as it can. Is the resulting output less random than when it started? By how much?
Any good/cheap further reading on the subject?
Reordering random numbers by a fixed permutation does not change the degree of randomness.
So if you have a perfect random number source, the same bits reshuffled will be equally random. This will be true if whether the "shuffle" is a fixed reordering (e.g. reversing all the bits) or a shuffle generated by a pseudo-random number generator (which is really a very obfuscated way of defining a fixed re-ordering from some initial seed).
This is provable from the underlying maths - if you reorder a set of truly independent identically distributed random variables then the resulting distribution will be the same as the one that you started with. Hence it is equally random.
However, this does not work if the shuffling is dependent on the values of the random bits in some way. If, for example, you sort the bits rather than permuting them then you won't have very good random output :-).
It would depend on how you reorder them. If you used pseudo random function to do it the results will likely be less random. If you use the true random to reorder itself it will not be more random.
One thing that people forget is the reason to use pseudo random function over some true random numbers is repeatedly and testing. If you get some unexpected results using pseudo random function will make looking at the possible problem easer.
If you have a process that needs N 'random' numbers, you can take N from the site, and use them, IN THAT ORDER, and all will be well. If you reshuffle them, you will make them less random.
If you need an ongoing supply of random numbers, then the question is the relative quality of some pseudo-random juggle of these versus what would happen if you had a true random sequence.
Since, however, linux and windows both supply real random numbers by harnessing hardware entropy, why not just use those?
As the title says: What is the difference between a non-secure random number generator and a secure random number generator?
No computationally feasible algorithm should:
recover the seed, or
predict the "next bit"
for a secure random number generator.
Example: a linear feedback shift register produces lots of random numbers out there, but given enough output, the seed can be discovered and all subsequent numbers predicted.
A secure random number should not be predictable even given the list of previously generated random numbers. You'd typically use it for a key to an encryption routine, so you wouldn't want it guessable or predictable. Of course, guessable depends on the context, but you should assume the attacker knows all the things you know and might use to produce your random number.
There are various web sites that generate secure random numbers, one trusted one is hotbits. If you are only doing the random number generation as a one off activity, why not use a lottery draw result, since it's provably random. Of course, don't tell anyone which lottery and which draw, and put those numbers through a suitable mangle to get the range you want.
With just a "random number" one usually means a pseudo random number. Because it's a pseudo random number it can be (easily) predicted by an attacker.
A secure random number is a random number from a truly random data source, ie. involving an entropy pool of some sorts.
Agree with Purfiedeas. There is also nice article about that, called Cheat Online Poker
A random number would probably mean a pseudo random number returned by an algorithm using a 'seed'.
A secure random number would be a true random number returned from a device such as a caesium based random number generator (which uses the decay rate of the caesium to return numbers). This is naturally occurring and can't be predicted.
It probably depends on the context, but when you are comparing them like this, I'd say "random number" is a pseduo random number and a "secure random number" is truly random. The former gives you a number based on a seed and an algorithm, the other on some inherintly random function.
It's like the difference between AES and ROT13.
To be less flippant, there is generally a tradeoff when generating random numbers between how hard it is and how predictable the next one in the sequence is once you've seen a few. A random number returned by your language's built-in rand() will usually be of the cheap, predictable variety.