高效的伪随机数生成 [英] Efficient pseudo-random number generation
问题描述
我想为加密目的创建一些随机数,我想知道如果下面的方案让下面的数字更难以猜测
生成模式,那么
比简单地使用rand():
#include< cstdlib>
#include< ctime>
int GetRandomNumber()
{
使用命名空间std;
int depth = rand();
for(int i = 0; i< depth; ++ i)
rand();
返回rand();
}
int main()
{
使用命名空间std;
srand(时间(0));
int y = GetRandomNumber();
}
以上是否普通使用rand()的任何区别?
问候,
Ioannis Vranos
Ioannis Vranos写道:
以上是否与普通用途有任何区别rand()?
可能:几乎肯定会更糟。创建好的随机数
发电机需要非常仔细的分析;它很容易摆弄现有的发电机并最终得到一些非常糟糕的东西。 Knuth
谈到他做的一个实验,他把8个(我认为)
不同的随机数发生器组合在一起,使用一个随机数来选择哪个
生成器用于生成下一个值。原来比任何单独的发电机更糟糕了。
如果你已经测试了rand的实现你就是' '使用和
确定它对你正在做的事情不够好然后你需要
来看看其他发电机。特别是,你应该看看
Mersenne Twister:它很大(发电机商店最常见的形式
624 32位值),但是这很快,而且时间很长。
-
Pete Becker
Dinkumware,有限公司( http://www.dinkumware.com )
" Ioannis Vranos" < iv*@guesswh.at.emails.ru>写了我想创建一些随机数用于加密目的,我想知道
如果以下方案使得更难以猜测下面的数字生成模式,比平原使用rand():
#include< cstdlib>
#include< ctime>
int GetRandomNumber()
{
using namespace std;
int depth = rand();
for(int i = 0; i< depth; ++ i)
rand() ;
返回rand();
}
int main()
{
使用命名空间std;
srand(时间(0));
int y = GetRandomNumber();
}
以上是否与兰特的普通使用有任何区别( )?
正如Pete Becker所说,你可能会让事情变得更糟。 rand()是通常作为MLCG实现的
(采用R [n] = m * R [n-1] + c)的形式。在
非常好的情况下,这个最大周期可以为2 ^(这个单词的数量为
)。这很容易证明,对于每个值,
只是一个映射回范围的后续值。
你是什么通过跳过序列中的间隙来做的是(1)可能缩短期间的时间,并因此(2)扭曲分布以使一些
值更频繁地出现所有人都不会出现。
现在,关于适合此目的的健康主题,rand()甚至不是远远的。
适合于加密目的。也不是最常用的
伪随机数生成器。我真的建议你阅读应用
密码学。作者:Bruce Schneier对该领域的介绍。
Claudio Puviani
" Ioannis Vranos" < iv*@guesswh.at.emails.ru>在留言中写道
news:c6 *********** @ ulysses.noc.ntua.gr ...我想创建一些随机的用于加密目的的数字,我想知道
如果以下方案使得更难以猜测下面的数字生成模式,而不是普通使用rand():
# include< cstdlib>
#include< ctime>
int GetRandomNumber()
{
使用命名空间std;
int深度= rand();
for(int i = 0; i< depth; ++ i)
rand();
返回rand();
}
使用命名空间std;
srand(time(0));
int y = GetRandomNumber();
}
上面对rand()的普通使用有什么不同吗?
问候,
rand()可以制作Yahtzee程序,但是对于像
$ b这样重要的东西$ b加密我不推荐它。该标准仅要求它提供16位,并且其统计性能的要求是不充分定义的。
。 31位或更多的便携式发电机很容易获得 - 例如
www.boost.org
-
Cy
http://home.rochester .rr.com / cyhome /
I want to create some random numbers for encryption purposes, and i wonder
if the following scheme makes it more hard to guess the underneath number
generation pattern, than the plain use of rand():
#include <cstdlib>
#include <ctime>
int GetRandomNumber()
{
using namespace std;
int depth=rand();
for(int i=0; i<depth; ++i)
rand();
return rand();
}
int main()
{
using namespace std;
srand(time(0));
int y=GetRandomNumber();
}
Does the above make any difference over plain use of rand()?
Regards,
Ioannis Vranos
Ioannis Vranos wrote:
Does the above make any difference over plain use of rand()?
Probably: it is almost certainly worse. Creating good random number
generators requires pretty careful analysis; it''s easy to fiddle with
existing generators and end up with something that''s really bad. Knuth
talks about an experiment he did where he combined eight (I think)
different random number generators, using a random number to pick which
generator to use to generate the next value. Turned out to be worse than
any of the individual generators that went into the mix.
If you''ve tested the implementation of rand that you''re using and
determined that it isn''t good enough for what you''re doing then you need
to look at other generators. In particular, you ought to look at the
Mersenne Twister: it''s big (the most common form of the generator stores
624 32-bit values), but it''s fast and it has a long period.
--
Pete Becker
Dinkumware, Ltd. (http://www.dinkumware.com)
"Ioannis Vranos" <iv*@guesswh.at.emails.ru> wroteI want to create some random numbers for encryption purposes, and i wonder
if the following scheme makes it more hard to guess the underneath number
generation pattern, than the plain use of rand():
#include <cstdlib>
#include <ctime>
int GetRandomNumber()
{
using namespace std;
int depth=rand();
for(int i=0; i<depth; ++i)
rand();
return rand();
}
int main()
{
using namespace std;
srand(time(0));
int y=GetRandomNumber();
}
Does the above make any difference over plain use of rand()?
As Pete Becker indicated, you''re probably making things worse. rand() is
typically implemented as an MLCG (taking the form R[n] = m*R[n-1]+c). Under the
very best circumstances, this can have a maximum period of 2^(number of bits in
the word). This is easy to demonstrate by the fact that for every value, there
is only one subsequent value that maps back into the range.
What you''re doing by skipping gaps in the sequence is (1) probably shortening
the period, and as a consequence (2) skewing the distribution so that some
values appear more often and others don''t appear at all.
Now, on the topic of fitness for the purpose, rand() is not even remotely
appropriate for cryptographic purposes. Nor are most commonly available
pseudo-random number generators. I really recommend that you read "Applied
Cryptography" by Bruce Schneier a an introduction to the field.
Claudio Puviani
"Ioannis Vranos" <iv*@guesswh.at.emails.ru> wrote in message
news:c6***********@ulysses.noc.ntua.gr...I want to create some random numbers for encryption purposes, and i wonder
if the following scheme makes it more hard to guess the underneath number
generation pattern, than the plain use of rand():
#include <cstdlib>
#include <ctime>
int GetRandomNumber()
{
using namespace std;
int depth=rand();
for(int i=0; i<depth; ++i)
rand();
return rand();
}
int main()
{
using namespace std;
srand(time(0));
int y=GetRandomNumber();
}
Does the above make any difference over plain use of rand()?
Regards,
Ioannis Vranos
rand() is OK for making a Yahtzee program, but for something as important as
encryption I would not recommend it. The standard only requires it to
deliver 16 bits and the requirements of its statistical performance are
inadequately defined. Good portable generators of 31 bits or more are
readily available -- e.g. www.boost.org
--
Cy
http://home.rochester.rr.com/cyhome/
这篇关于高效的伪随机数生成的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
