On Jan 28, 2005, at 17:24, Christopher D. Lewis wrote:
Do any of my users have an idea how to gauge the quality of random
numbers generated by the prng? There's an article addressing sppofing
attacks based on guessing TCP sequence numbers that suggests that
after MacOS X gained a /dev/random the sequence numbers became
effectively random, but indicates the randomness involves 31 bits of
randomness to the other BSD operating systems' 32 bits. See
<http://lcamtuf.coredump.cx/newtcp/>. While the 32nd bit may not make
a big difference here, I was curious about its impact on generating
crytpographic-quality random data and the potential limits of the
randomness in Darwin's /dev/random.
Any thoughts on how to measure the randomness, and the tests one might
use to gauge the impact on applications where the quality of the
randomness is of critical importance?
Knuth's V2 is one of the best discussions of randomness and testing for
it that I know of. Two that are spoken of highly are the Chi-square
and the Spectral tests. Perusing Knuth is a good start, to help
understand what randomness is, and how you might measure it.
Randomness is not a simple thing, though.
I don't know of any implementations, but perhaps Google can help.
Regards,
Justin
--
/~\ The ASCII Justin C. Walker, Curmudgeon-at-Large
\ / Ribbon Campaign
X Help cure HTML Email
/ \
