Re: 8 bit white noise algorithm

John E. Hadstate wrote:
"Steve Underwood" <steveu@xxxxxxx> wrote in message news:ebbi75$dlb$1@xxxxxxxxxxxxxxxxxx
What is the right way to do the job?

As I suggested above, take any vetted, modern block cipher algorithm: DES, 3DES, AES, Skipjack (designed for embedded implementations), Twofish, Blowfish, IDEA, there are more. Key the cipher with the key of your choice (since security is not a concern, key management is not a concern). Create a multi-byte counter the same size as the cipher's block. Encrypt the counter and get a set of pseudo-random bytes. Each time you run out of bytes, increment the counter and encrypt again.

I've never found a form of pseudo random generation that doesn't some day waste lots of my time
investigating something that turn out to be a quirk of the generator.

The nice thing about this approach is you don't have to take the word of some bozo on USENET. You've got the NSA to back this one up. There are proofs of security behind it. To this point, security has not been mentioned as a requirement, however, security is based to a large extent on the guarantee that you can't predict the next byte with any probability greater than sheer guessing (1/256) no matter how much history you have available. This is not true for streams generated by LFSRs or LCGs.

There are PRNGs, and then there are crypto-quality PRNGs. As a practical matter, you're not going to distinguish a crypto-quality PRNG from random white noise in trillions of years, no matter how much computing power you have. As an

This greatly overestimates the quality of these algorithms. Most crypto algorithms only achieve high security when used in a rolling mode, initially seeded with something truly random. Most computers these days have a random generator based on genuine sources of entropy. The generator cannot generate numbers quickly, but it is adequate to generate an initial seed for a crypto stream. Without that, most crypto is breakable in a realistic time.

aside, some "generator quirks" are really the result of the observer not having a good understanding of the properties of random sequences.

True, but I was referring to things like LCGs. In a commonly used one the LSB goes 1,0,1,0 forever. More subtly, in some, bit X of every Yth sample is always zero. Most fast PRNGs have some kind of pattern things going on, though most are less obvious than the 1,0,1,0 thing.

Regards,
Steve
.

Relevant Pages