Join Log in
Score:1
Mittal G avatar Crypto

When not to reject a random number generator?

co flag
Mittal G

I have constructed a true random number generator, and I applied the NIST randomness Test Suite to its results. I have generated around 200 files with my TRNG, each being $10^6$ bits in length.

The test reports are as follows: The TRNG failed some of the tests (e.g., Binary Matrix Rank Test) less than $5$ times, i.e., only 5 files out of $200$ failed some of the tests. However, $20$ files failed the Random Excursion Test. Also, only $5$ files failed more than $1$ test. Therefore, I want to know whether this TRNG should be rejected.

What criteria determine whether one should accept or reject a TRNG? Please provide references, if possible.

86
1 + 3
Paul Uszak avatar
cn flag
Paul Uszak
You don't need 200 files. Just one will do (>100 MB). **But** be very wary of restating the kit. Some hardware mathematically and physically _"warms"_ up. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf
0
Reply
Patriot avatar
cn flag
Patriot
@Mittal G Did you use the NIST Statistical Test Suite (STS) tool for randomness?
0
Reply
Mittal G avatar
co flag
Mittal G
Yes I used that.
0
Reply
Score:1
Paul Uszak avatar Crypto
cn flag
Paul Uszak

I know something about TRNGs, and 20/200 (10%) seems a little high. Randomness is random, so you'd expect the normal distribution of values. But $1.6\sigma$ is too much.

The normal/Gaussian distribution:-

graph

I know it's silly, but just look at the probabilities. $z=\pm 0.8$ sticks it right under the hump. Very unlikely. There is a tool called ent which is simple but the first step in designing a TRNG. Run it, and see what the correlation coefficient is:-

~$ ent cmix_v17
Entropy = 6.433268 bits per byte.

Optimum compression would reduce the size
of this 687704 byte file by 19 percent.

Chi square distribution for 687704 samples is 7388990.41, and randomly
would exceed this value less than 0.01 percent of the times.

Arithmetic mean value of data bytes is 86.8790 (127.5 = random).
Monte Carlo value for Pi is 3.496968164 (error 11.31 percent).
Serial correlation coefficient is 0.300655 (totally uncorrelated = 0.0).

Or to dig deeper, you can perform an FFT in the frequency domain. Keep auto-correction $< 10^{-3}$. That'll give you IID samples from which you get a simple $H_{\infty}$ and so the entropy rate.

You say "True random number generator". Is that so? If it is, you're probably seeing the effect of auto-correlation, which simply put, just means you're sampling at too fast a rate. See NOISE, CHAOS, AND ($\epsilon,\tau$)-ENTROPY PER UNIT TIME. Like fyling,you will or you won't. There's not a lot of maths involved if the TRNG is a real TRNG made of circuits.

P.S. Lets see the circuit.

P.P.S. As of this post, your circuit has failed. Sorry, but we can get it running with a bit of work :-)

0 + 2
Mittal G avatar
co flag
Mittal G
Can you please elaborate a little more? I am not getting your answer.
0
Reply
Paul Uszak avatar
cn flag
Paul Uszak
Of course :-) but my answer is related to a true and kosher TRNG. I'm sorry to be pedantic, but we get shed loads of questions here regarding TRNGs that just aren't. There is a **huge** confusion between TRNGs, one time pads and stream ciphers.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.