How Do You Know If Your Random Number Gnerator Is Working? (and lifehacking/sleep & grounding & Douglas Adams)

Mostly, you don’t.

That’s the conclusion of Matthew Green’s random number checking methodology review… yes, you can check a RNG is not obviously broken (i.e. does the output “look” random?) and that it does what it’s supposed to given a very specific case…

…but when it comes to checking that someone didn’t maliciously backdoor your RNG, you’re more or less up crypto creek without a paddle unless you want to check everything by hand.

Also, here’s a neat tip from the lifehacking department. Grab that ESD wriststrap (you’ve still got it from back in the ’90s when you needed one to repair your IBM compatible, right?) or ankle strap and ground yourself while you sleep.

Reminds me of one of my favorite ever quotes:

“One of the more peculiar things that has happened to me is that as a result of an idea I had as a penniless hitch-hiker sleeping in fields and telephone boxes, publishers now send me round the world on expensive author tours and put me up in the sort of hotel room where you have to open several doors before you find the bed. In fact I had just arrived directly from a US author tour which was exactly like that, and so my first reaction to finding myself sleeping on concrete floors in spider-infested huts in the middle of the jungle was, oddly enough, one of fantastic relief. Weeks of mind-numbing American Expressness dropped away like mud in the shower and I was able to lie back and enjoy being wonderfully, serenely, hideously uncomfortable. I could tell that Mark didn’t realise this and was at first rather anxious showing me to my patch of floor -‘Er, will this be all right? I was told there would be mattresses … um, can we fluff up the concrete a little for you?’ and I had to keep on saying, ‘You don’t understand. This is great, this is wonderful, I’ve been looking forward to this for weeks.'” — Douglas Adams, “Last Chance to See”

http://www.esdjournal.com/articles/cober/ground.htm
https://www.ncbi.nlm.nih.gov/pubmed/15650465

http://blog.cryptographyengineering.com/2014/03/how-do-you-know-if-rng-is-working.html

Advertisements
%d bloggers like this: