- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
From the words of the master himself:
Law RNG3: One should not use a random method to generate random numbers. - Donald Knuth
http://www.cs.utsa.edu/~wagner/laws/rng.html
Admin
Easy: "This code is unbreakable"
Admin
Admin
Yes, but if I need 64bit number with something else than 0 in first 32bits, then it will not help me :)
Admin
That's getting 2 random numbers, which is entirely valid. In fact, the prng is doing this when it gives you a 32 bit integer, as it's probably actually producing random bits, so it ends up using your method 32 times before you've used it once. This is valid. Seeding rand() with another rand(), or xoring rand()s and expecting more random results actually produces the opposite.
Admin
Oh, just expand it by adding a random number of 0's at random positions in between the 32 bits
Admin
Admin
Want something truly random and fun at the same time? Ready your webcam and have a look at:
http://findarticles.com/p/articles/mi_m1200/is_n6_v152/ai_19680954/print?tag=artBody;col1
or
http://www.lavarnd.org/news/lavadiff.html
P.S. You may want to test whether the randomness increases if you make funnier faces in front of the webcam...
Admin
If you look at the source code for libc's rand(), it's already doing that. You're only making it LESS random.
Admin
The interesting thing to me is that there's a teeny, tiny, microscopic kernel of truth to the reasoning. rand() is a pretty awful random number generator. There's a test in Knuth somewhere (I'm too lazy to get up to my bookcase and pull down the book) that shows that the distribution is anything but uniform.
drand48() and random() are much better, I believe, but it's been a long time since I tested them to be sure.
I remember getting badly bitten by rand() some (random) number of years ago.
None of that, of course, is by way of justification for the truly Byzantine code in the article, of course.
Admin
Statistical analysis will tell you how evenly deistributed the results are, but can it tell you whether the process deterministic or non-deterministic?
An algorithm that produces the same 3000 even distributed integers every time is not what we're looking for.
Admin
The above would be an epic win, but nobody writes jokes in base 13. :)
Admin
int rand() { static int current_rand = 0; current_rand = (current_rand + 1) % RAND_MAX; return current_rand; }
\o/
Admin
Seriously though, I still have yet to find a satisfying randomizer. Even for the simple task of randomly choosing a song to play, no matter which generator I try (Mersenne(sp?), random.org, etc), it still hits on the same one way too often, and it shows a lot of periodicity (hitting on songs in a certain cluster quite regularly, sometimes twice in a row). The closest I've gotten is to shuffle beforehand using an algorithm where the songs are divided between different hats and then you draw a number from each hat for each round. Not perfect, but at least you don't hear the same song over and over again.
Admin
result = 0xffffffff00000000 + rand();
There, something other than 0 in the first 32bits.
Admin
That is advice to live by. You may think you're the man, you may believe that you know the answer, but don't try to apply that amateur understanding to crypto. It is NOT intuitive, and it is too complex for many many people to fully understand.
Adhere to best practices, and watch how the pros do it. The true beauty of crypto is that just because two people are using the same exact method, doesn't make it any less secure.
Admin
The problem is that there will always be clusters of the same value in a random set. That's randomness for ya. It is only even distributed for a very large set. Roll a 6 sided die 20 or so times, are you are almost certainly likely to roll the same number 3 times in a row. Not very evenly distributed, but still random.
What it sounds like you want is a more even distribution of random-like numbers. Take a look at quasi random number generators (such as the Sobol sequence). They may provide the behaviour you are looking for.
Admin
And just to top it all off - the code doesn't even run correctly :)
i<(rand() & 16)
This will only ever enter the loop if rand() is exactly 16. And then it will randomize 16 times. Hell yeah :)
Admin
Cyclewaster.
result = -rand();
Admin
Admin
It takes 128 random bits together with a sector number and apply MD5 to generate 128 supposedly random bits. Those are used as 16 8-bit integers to lookup 16 8-bit integers in an array of random numbers. The result is 128 random bits....
Well, random but not uniformly random. The problem is, that there are two different ways two bytes could end up identical. You could have two indexes which happened to be the same, or you could have two different indexes selecting two values from two different places in the array, that happened to contain the same value.
The result is, that the probability of having two identical bytes in the 128 bit string is twice as high as it would have been if the values had been uniformly random.
The final step of that prng is to apply MD5 again, which of course doesn't add any entropy, so there are still values, which are about twice as likely as they should have been.
Admin
Why not just do the following:
1d% A dice roller bubble from the Trouble board game A web cam mounted above so the dice can be read A dice recognition program done by my boss' 15-year old nephew done by Excel VBA.
I think that is an adequately WTFed solution.
Admin
Admin
Admin
I was working on a dice roll function for Ada. So I had it initialize the random number generator every time it's called... Not exactly ideal when it's seeded from the clock. Stupidly, I put bunches of delay's in there to get it out of the 1ms hole before I realized I could simply move the prng state from the function to the package. Yeah, I did my on wtf.
Admin
You ruined random numbers to me. :D
Admin
Admin
Admin
for(i=0;i<(rand() & 16);i++)
Well. This it clever Maybe s/16/15/ ?
Admin
but nobody has mentioned his cleverness on this line:
Val[i]=(char)(( rand() >> 7) & 0x00FF);
Please everyone, always make sure to AND your 32-bit number with the 16-bit value 0x00FF before trying to stuff it into an 8-bit char. Otherwise your CPU will asplode from the dreaded Integer Overflow Error (IOE).
Admin
I don't believe that any of the ISO C, POSIX or SuS specifications make any mention of the method that should be used by rand(): different platforms may produce totally different results.
Admin
If you really want to increase the entropy, just wait around a bit. It's fool-proof. It'll only take a Poincaré recurrence time for the quantum state of a hypothetical box containing a black hole with the estimated mass of the entire universe, which is apparently 10^10^10^10^10^1.1 years, or thereabouts. Now, that's random, baby.
I wouldn't buy life insurance in the mean time, however.
Admin
Pseudo-randomization has all kinds of nasty effects and pitfalls if you know where to look for them.
Suppose you have 1,000,000 objects and want to select one at random. Try this?
Nope. Most (non-cryptographic) random number generators can produce 32,767 or 65,535 distinct random numbers. So (assuming the larger number) there are 65,535 of the 1,000,000 objects this can select randomly and the remaining 934,465 can never be selected, no matter how many times you try.
Okay, so try?
Nope. Pseudo-random numbers chain. That is:
seed0 --> random1,seed1 seed1 --> random2,seed2 seed2 --> random3,seed3 seed3 --> random4,seed4 ...and so on.So if the generator offers 65,535 different distinct values, that means that each of the n1 values is selected by one of about 65 distinct rand() results (because of 65,536/1000). Since the random that generates n2 is a direct consequence of the random that generated n1, if there were 65 values that can select a given n1 then there are exactly 65 values that will be returned for the succeeding n2. Or, restated, are 935 of 1,000 values of n2 that aren't possible for that given value of n1.
I've been chasing this because I'm looking for an algorithm to select jurors...from a very large pool (1 million+). Either of the above approaches would mean a lot of citizens get called repeatedly and a lot can never be called, which is really undesirable behavior. (This second attempt is actually just as bad as the first attempt.)
One approach that works (need 150 jurors from 1,000,000 citizens):
randomize; for i = 1 to 150 citizen[i] = int(rand() * 1000) next i randomize; for i = 1 to 150 citizen[i] = citizen[i] * 1000 + int(rand() * 1000) + 1 next iBut, no doubt, a quite a few programmers reading this would think it was a WTF.
Admin
For a secure randomiser, you would also need a Faraday cage. We haven't covered this topic yet (it may well be due in the next semeseter), but I believe the easy-to-follow, WTF-proof instructions to do so are as follows:
(a) Take one Faraday. (b) Make a cage out of it. (c) ??? (d) Paula!!!!
Admin
I see many mentioning the mersenne twister but forgetting to mention that it should not be used in cryptography. Sure it is fast and has good randomness but it is not secure.
Which PRNG you should use depends on the application.
But what you never should do is try to add entropy to an already existing algorithm. It does not work. Inventing or modifying algorthms to make them better is hard. Either you get the same entropy or worse.
Admin
I'd say there's only one random number - but it changes every time you look at it.
Admin
Admin
Which primes trick? Can somebody explain it please?
Admin
Admin
Actually pseudo-randomizing a pseudo-randomizer does increase randomness (as defined by tests of randomness of a pseudo-random sequence, for example correlation of subsequent random numbers etc.) by using algorith invented by Ulam (if I remember correctly) for Manhattan Project: fission simulations, namely having small array of pseudo-random numbers, and using second random number generator to choose an element of this array (and first random number generator to fill the item we did empty). And I think that can be proven mathematically.
Admin
int RandomNumberBetweenOneAndOneInclusive() { return 1; }
Admin
Heads!
Admin
Admin
Correct.
Assuming DISTINCT_VALUES = 65,536
The major and obvious problem with this is that the resulting indices would have a range of [1, (RAND_MAX * 1000 * 1000) + (RAND_MAX * 1000) + 1]. Which on my machine (besides being an integer overflow) is... 2,149,631,130,647,001. Additionally, you still only have two meaningful calls to rand. Thus only DISTINCT_VALUES * 2 out of 1,000,000 can be selected.
Now the proper way would be (assuming real numbers converted to an int at the end).
rand_calls = 1,000,000 / DISTINCT_VALUES; max = RAND_MAX * rand_calls; index = 0; for(int i = 0; i < rand_calls; ++i) index += rand(); index /= (max / 1,000,000); // Shift back to [0, 1,000,000].Not only can this get every index. It also has no more bias than created from the original rand function.
(Beware of bugs in the above code. Not only have I not proven it correct, but I'ave yet to even test it :P).
Admin
So, you generate a random string, enter this into google and hash the result.
99.9% of the time, your random string will be something which returns no reults. Hence, your "random generator" will almost always be ouputting a value based on the hash of the random string you created. Hence, the strength of your generator is only as strong as the strength of whatever you use to create the random string.
What were you hoping to achieve? May as well have just said "pick a random number and add 10"
Admin
Or, an external entropy source like a thermometer with a high degree of accuracy (8-10 decimal places should do) that you can chop some numbers off of the front of and use as a seed....
-- Captcha (how fitting): damnum (heh)
Admin
So... we need a USB device that contains a small quantity of a radioactive isotope that generates random numbers based on particle decay.
Admin
Nahhh, all we need is a small physics simulation of rolling a cube and coming up with which side faces up...
Admin
In conclusion, I'd like to echo the sentiment mentioned above a couple of times: friends don't let friends roll their own PRNG. Only you can stop the WTFs!
Admin
Isn't this why the man page on many systems says ;