How to reproduce seeds in Random Number Generators like WELL, KISS, etc.

I am curious about padding the seeds of a Random Number Generator.
(I am sure that the terminology, "padding the seeds", is not correct. If someone knows the proper word, please let me know :) )

What is padding the seeds that I mentioned?

You know that a Pseudo-Random Number Generator needs a seed to do its job properly. For example, one of the most famous RNGs, mt19937, needs only one seed.

However, in the KISS algorithm (George Marsaglia, 2011, 64-bit version), you only need 2 seeds, cng and xs. In the case of Wichmann-Hill, you need 3 seeds, s1, s2, s3. In the WELL19937 algorithm, you need 624 seeds.

In my opinion, it is easy to get 1 or 2 seeds. But getting 624 seeds for WELL19937 would be difficult.

So, I think some algorithms would implement "padding the seeds", which means generating the seeds needed on demand from one seed, like SHA-256 does. In the case of SHA, if the input message does not fit the length, we generate some extra message bytes, which is called padding.

What I want to ask:

  1. Is there any proper terminology for "padding the seeds" in Random Number Generators?

  2. How do you "pad the seeds"? Is there any standard?

SAI Peregrinus: This stackexchange site is about cryptography. Cryptography uses Cryptographically Secure Pseudo Random Number Generators (CSPRNGs), which don't take a repeatable external seed. For a secure CSPRNG, reproducing the seed MUST be impossible.

TyeolRik: @SAIPeregrinus Yes, I know this site is about cryptography. And also, Pseudo-Random Number Generators (not CSPRNGs) are within the bounds of cryptography, because one of the most famous textbooks, Applied Cryptography by Bruce Schneier, introduces classic Pseudo-Random Number Generators like LCG, LFSR, etc. OK then, if you think this site is not the proper place to ask, could you recommend where I should ask?

SAI Peregrinus: If you're asking about programming such a PRNG, you'd just pass in the inputs with whatever method the language used requires, e.g. pass a pointer to a struct for a C version. Padding would be determined by compiler and architecture. That'd be appropriate for Stack Overflow.

SAI Peregrinus: If you're asking about how to find the seed(s) from the output of the PRNG, that's relevant here, but there's no such padding process.

TyeolRik: @SAIPeregrinus No, I am not asking about finding seeds from the outputs of the PRNG, which is like a hash collision. What I am asking is, **how to put in proper (lots of) seeds?** Not getting 624 seeds, but manipulating seeds from ONE SEED, which is almost like SHA padding.

SAI Peregrinus: From skimming the paper at https://www.iro.umontreal.ca/~lecuyer/myftp/papers/lfsr04.pdf it looks like the seed is just an initial state bit vector. The code seems to support that, since init takes an int*. So you just initialize the array of integers (no padding) to the values you want to use as a seed. Probably just use memcpy. Probably better suited to stackexchange than here, but the code in that paper is rather hard to read (no clear function/variable names), so you might not get much help.

TyeolRik: @SAIPeregrinus I've read that paper and also [re-coded it on my own](https://github.com/TyeolRik/rngset/blob/main/well.go). But I am **not actually asking** about coding; I am **asking about "what is a good seed"**. As you know, in the original code, init takes an `int*`, which means just user input. But in the real world, as I mentioned, it is difficult to get "good seeds". So I am asking how to produce good seeds from one or two seeds... (without a CSPRNG, which is from /dev/random/)

SAI Peregrinus: A good seed is uniformly random data. It should have Shannon entropy close to 1 bit/bit. The easiest way to get that is to use a hardware RNG which whitens its output with a CSPRNG; any other design will be worse for security or performance. If you're trying for a repeatable seed, e.g. for Monte Carlo simulations, then you just save some output from your CSPRNG to a file and use whatever RNG you want with it, since you don't need security.