I am dealing with some computer security issues at school at the moment, and I am interested in the general programming public's preferences, customs, ideas, etc. If you have to use a random number generator or extractor, which one do you choose? Why do you choose it? For its mathematical properties, because it is already implemented as a package, or for some other reason? Do you write your own or use a package?
-
There are *piles* of PRNG questions already. What makes this one different? – dmckee --- ex-moderator kitten Aug 20 '09 at 21:51
-
http://stackoverflow.com/questions/1266261/what-is-a-good-fast-prng-non-cryptographically-secure http://stackoverflow.com/questions/167735/fast-pseudo-random-number-generator-for-procedural-content http://stackoverflow.com/questions/1247129/fast-generation-of-random-set-monte-carlo-simulation and so on. Try this search: http://stackoverflow.com/questions/tagged/random-number-generator – dmckee --- ex-moderator kitten Aug 20 '09 at 21:55
-
None of those three so-called duplicates calls for a secure PRNG. The first explicitly says non-crypto, the third is for Monte Carlo simulation, and the middle one is for generating landscapes. The concerns are completely different. – Steve Jessop Aug 20 '09 at 22:02
-
This question is different, because I want to know why you choose such a generator. I am not interested in some easily accessible implementations. I want to know if you choose one of these based on their theoretical properties or only because it is easy to find/use. – Trimack Aug 21 '09 at 05:49
5 Answers
If computational time is no object, then you can't go wrong with Blum Blum Shub (http://en.wikipedia.org/wiki/Blum_blum_shub). Informally speaking, it's at least as secure (hard to predict) as integer factorization.

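Blum Blum Shub as named in the answer above, as an added example (not the answer's own code): a minimal generator with the parameter checks the construction requires, plus a seed drawn from the OS entropy source. The primes 11 and 23 and the seed 3 are constructed toy values; a real deployment needs Blum primes of hundreds of digits, since the security rests entirely on the modulus being infeasible to factor.

```python
import secrets
from math import gcd


def blum_blum_shub(p: int, q: int, seed: int, nbits: int) -> int:
    """Return nbits of Blum Blum Shub output as an integer (first bit is the MSB).

    p and q must be distinct primes congruent to 3 mod 4 (Blum primes) and the
    seed must lie in [2, n) and be coprime to n = p*q.  Each step squares the
    state modulo n and emits its least significant bit.  Predicting the stream
    is believed to be as hard as factoring n, so toy-sized primes such as the
    ones used below give no security at all; they only illustrate the algorithm.
    """
    if p == q or p % 4 != 3 or q % 4 != 3:
        raise ValueError("p and q must be distinct primes congruent to 3 mod 4")
    n = p * q
    if not 2 <= seed < n or gcd(seed, n) != 1:
        raise ValueError("seed must be in [2, n) and coprime to n")
    x = pow(seed, 2, n)          # x_0 = s^2 mod n
    out = 0
    for _ in range(nbits):
        x = pow(x, 2, n)         # x_{i+1} = x_i^2 mod n
        out = (out << 1) | (x & 1)
    return out


def random_blum_seed(p: int, q: int) -> int:
    """Draw a valid seed from the OS entropy pool (the secrets module, i.e.
    /dev/urandom or its platform equivalent) rather than from a fixed value."""
    n = p * q
    while True:
        s = 2 + secrets.randbelow(n - 2)   # uniform in [2, n)
        if gcd(s, n) == 1:
            return s


if __name__ == "__main__":
    # Constructed toy parameters: Blum primes 11 and 23 (n = 253), seed 3.
    print(format(blum_blum_shub(11, 23, 3, 6), "06b"))   # 100101
    print(blum_blum_shub(11, 23, random_blum_seed(11, 23), 16))
```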
/dev/random, or equivalent on your platform.
It returns bits from an entropy pool fed by device drivers. No need to worry about mathematical properties.
If you're after a cryptographically secure PRNG, then repeated application of a secure hash to a large seed array is generally the way to go. Don't invent your own algorithm, though, go for a version of Fortuna or something else reasonably well reviewed.

The keys for encryption of phone calls between presidents of the USA and USSR were said to be generated from cosmic rays. We checked it in the physics lab at our university -- their energies yield a true Gaussian distribution. ;-) So for the best encryption you should use these, because such a random sequence cannot be replayed. Unless, of course, your adversary covertly builds a particle accelerator near your random number generator.
Ah... about computers... Well, acquire a stream that comes from something physical, not computed. /dev/random is the easiest solution, but your hand-made Geiger counter attached to USB would give the best randomness ever.

For a little school project, I'd use whatever the OS provides for random number generation.
For a serious security application (e.g., COMSEC-level encryption), I use a hardware random number generator. Pure algorithms with no hardware access by definition don't produce random numbers.

-
You know that when that link dies, this answer will be completely useless. – tvanfosson Aug 20 '09 at 21:56
-
It's a server which gives you bits. If the link dies the server is gone, so of course the answer would then be useless. – Steve Jessop Aug 20 '09 at 22:04