# Questions tagged as ['pseudo-random-generator']

PRNG is a mechanism to produce randomness from an initial random seed, so basically a way to derive more secrets from one secret.

Looking at the Wikipedia entry for KDF you find

In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a main key, a password, or a passphrase.

Which sounds to me like what PRNGS a ...

I got the idea of this proof, that since PRG expands from n to 2n, it cannot project to all {0,1}^{2n}, only to a neglible part which we can abuse to make a good distinguisher just by telling if A succeeds finding a preimage in X. A random string from U2n has very likely no preimage in X. Thus we can distinguish U2n from G(Un). But I think I do not understand the construction f well. What's the pur ...

Two dimensional patters are omnipresent in information transactions. QR codes, images are most common. I want to know if there is a concept analogous to the well known concept of Linear Complexity of periodic sequences, for two dimensional patterns?

I understand that PRNG are Random Number Generators that uses a deterministic algorithm based off of a seed.

I also understand that CSRNG are PRNG that are cryptographic-ally safe to use for generating random numbers.

And by cryptographic-ally safe, I believe this means that even if an attacker knows the deterministic algorithm and the seed, they would not be able to predict the next random number. ...

Is hashing random numbers generated from a TRNG enough to create a key?

Basically taking the output of something like a Lavarand and pass that through a hash function like sha-2.

I guess at the end of the day the core of my question is, can an hash function be used as a pseudorandom number generator?

This is mainly for math purposes although it would be good for cryptographic purposes too, are there any known algorithms for generating an infinitely long (pseudo)random sequence of numbers (say bits). The sequence cannot be repeating or have some pattern and should behave like a "normal" number (i.e. similar the digits of Pi or some other constant).

Be this the Experiment for multiple COA-security:

$PrivK_{\mathcal{A},\Pi}^{mult}(n)$:

$(m_0^1 , ... , m_0^t,m_1^1 , ... , m_1^t) \leftarrow \mathcal{A}(1^n), |m_0^i|=|m_1^i| \forall i \in [1,t]$

$k\leftarrow Gen(1^n)$

$b \leftarrow \{0,1\}$

$C = (c_b^1 , ... , c_b^t) \leftarrow (Enc_k(m_b^1) , ... , Enc_k(m_b^t))$

$b' \leftarrow \mathcal{A}(C)$

if $b' = b$ return 1 else return 0

If $PrivK_{\mat ...

How do I know where my XOR gates go? What does the F2 stand for here? Also the next task is to generate the sequence (with initialisation vector $s_0 = 1, s_1 = s_2 = s_3 = 0$) until it becomes periodic which I'm fairly certain I can do however even a few rows would be helpful as I won't have any other answers to these (not official homework assignment).

edit: my guess is now the xor port goes on t ...

I once read/heard that one could generate a cryptographically secure pseudo random number generator based on two cryptographically secure hash functions.

The algorithm goes this way:

- Let $f$ and $g$ be two independant cryptographically secure hash functions of block size $s$.
- This algorithm outputs blocks of $s$, the block $n$ is defined as: $output[n \times s; (n+1) \times s] = f(g_{n}(seed))$
- The ...

I'm going to generate **unique** random values based per a range of unique input values.

In other words I have range of input values which these numbers are part of a series (like a range of serial numbers which are increasing one by one) and there are no duplicate values among them. I want to generate random values based per each of input values which there should not be any duplicate values in output ...

In order to improve the quality of random generators, Weyl sequences have been added to the Middle Square (Widynski) and Xorshift (Marsaglia) generators:

https://arxiv.org/abs/1704.00358

https://www.jstatsoft.org/article/view/v008i14

As I understand, it was also about extending generator cycles, especially when it comes to Middle Square, which works like random mapping.

I also have a generator that work ...

According to article:

https://www.pcg-random.org/posts/too-big-to-fail.html

When N of Middle Square is $2^{128}$ we can expect to produce $2^{64.3}$ numbers before we start to see repeats in generator. That's enough for 320 exabytes of random data, vastly more than any PractRand test will ever consume.

This is enough size of path to reach the cycle and cycle itself. It passes the randomness tests and ...

Chaos-based cryptography is facing a lot of criticism, however, some people argue that it can provide many cryptographic primitives, such as stream ciphers, block ciphers, hash functions, public-key ciphers.

Leaving aside all the defects of the application chaos in cryptography, is not chaos at most is a pseudo-random generator which could be used for stream ciphers (if this even possible)?

Note: I ...

I am curious about Randomness test suite.

One of the famous randomness test suite, DIEHARDER, said that Endianness does not matter for a "GOOD" random generator.

Note that this is not the same as writing raw floating point numbers (that will not be random at all as a bitstream) and that "endianness" of the uints should not matter for the null hypothesis of a "good" generator, as random bytes are random ...

I have keyed 128-bit PRNG. It passed PractRand and Dieharder tests, but I have no idea what is expected cycle lengh of it (for different keys and different seeds).

Is there way to estimate it, through analysis outputs of this generator? I'm trying to analyze cycles in 16-bit parts of 128-bits outputs. 16-bit numbers repeats in truncated 16-bit parts of 128-bit output in average in every $6331708$

For a 32-Bit variant of Mersenne twister, if the outputs Should be a 5-Bit integer(word size) then what is the value of recurrence according to the k-distribution?

Recently, I read this paper NEURAL NETWORK BASED CRYPTOGRAPHY. Under the section 3.1 it said:

The aim is to improve the randomness of the random numbers generated by any algorithm using an NN. In order to improve pseudo-random numbers via a neural network, random numbers are generated by a modified subtract with borrow algorithm in MATLAB. The random numbers generated by the modified subtract with bo ...

Is there a program to predict the mersenne twister random module in python for a 5-bit integer output, provided the consecutive 3994 outputs are available? The random module is not seeded so i guess, it'll use the system time as it's seed value since no os.random function is used! and it's seeded only once(assumption). Does my claims look valid! and is it really predictable? please forgive me if i'm wro ...

G is a PRG and takes in a seed s. Is G'(s) = [G(s)]' (i.e. the complement of G(s)) a PRG as well?

My proof by contradiction: Suppose G' is not a PRG, then G''(s) = [[G(s)]']' = G(s) is also not a PRG which is a contradiction, since our initial assumption is that G is a PRG.

Does this proof make sense? Can anyone point out any mistake(s) made?

A function G(x) = x || x (where “||” denotes string concatenation). It is given that G is not s pseudo random generator. Can someone describe how can we prove this. I am getting a bit confused in the concept of pseudo random generator.

What I have understood till now - The formal definition of pseudo random generator is given as $\Pr[PRG_{A,G(n)} = 1] ≤ 1/2 + negl(n)$. Here we can observe that ...

Here:

https://en.wikipedia.org/wiki/Linear-feedback_shift_register

they wrote:

The linear feedback shift register has a strong relationship to linear congruential generators

What this relationship is all about? Are they mathematically equivalent in some way? In two cases, we can reach the maximum period. Maybe there are LCGs that generate the same numbers as the LFSRs? As far as I know, the LFSRs also ...

I am curious about **Padding the seeds** of Random Number Generator.

(I am sure that terminology, padding the seeds, is not correct. If someone knows the proper word, please let me know :) )

## What is padding the seeds that I mentioned?

You know that Pseudo-Random Number generator need seed to do its job properly. For example, one of the most famous RNG, mt19937 need only one seed.

However, in KISS algor ...

**Context:** an encryption game from overthewire (the link to it: https://overthewire.org/wargames/krypton/krypton6.html, also good for more info) where given the ciphertext, one must obtain the plaintext.

On this level, we have access to a binary that encrypts any file by stream cipher, using a key from a file we do not have access (keyfile.dat) and a random number. We also have a hint: 8 bit LFSR.

My qu ...

Are there any pseudo random number generator based on Galois fields? The source of the AES randomness lies in the GF, so GF should be capable of generating random bits.

Why are there no such generators?

Does there exist a source of randomness that anyone in the world can independently, conveniently and robustly access? For example, the 10th decimal place of the temperature in Mexico City is sufficiently random. But it's inconvenient for Bob to access independently, and it can't be measured robustly anyways.

The source of randomness must also be secure, in that no one party controls it (or access ...

Lots of cryptography algorithms rely on pseudorandom number generators. Sometimes, given a plaintext, you need to generate a pseudorandom number from it. What are some fast algorithms that do so?

I've seen one that uses SHA256 and other that uses AES, but I couldn't find any literature about them or some implementation that I can use. They should be fast because processors nowadays have hardware ...

Seen this, but it's sort of useless as it allows for trivial solutions by increasing the size of the output's space up to a point any hashing function will achieve non-collision.

This question is trying to be the less useless version of that. I.e. to be about the case where the output range is small. Say that my outputs space is $\mathcal{S} = \{0, 1, \ldots, 10^{6}\}$. Here, collisions by using h ...

Let's use AES as stream cipher, and let's use as an input numbers $1,2,3,...$. This way we should get the random blocks and every block will be different from each other.

But I have a pseudorandom blocks generator which generate not always different blocks. So we could get block $B$ once and then for example again after let's say milion blocks it is possible to get again the same block $B$ (but it ...

https://github.com/tna0y/Python-random-module-cracker
Here, when we get 32*624 bits of outputs from Mersenne-twister we can recover Mersenne twister. My question is when we get the parts of the bits, how can we recover Mersenne twister? For example function `getrandbits`

from python random module gives only part of the bits. Is it available to untwist it?

It is well known that a true random generator exploits the randomness occurs in some physical phenomena. Also, the output of a true random generators can be either biased or correlated. Therefore, de-skewing techniques are required.

My question is that if we have two true random bit generators whose outputs are not passing the test-suite of NIST, can we combine these outputs to obtain a random bi ...