EntroBeam

Searchâ€¦

Random bit generators

Random number generation is a process by which, often by means of a random number generator (RNG, Random bit generator, RNG), a sequence of numbers or symbols that cannot be reasonably predicted better than by random chance is generated. This means that the particular outcome sequence will contain some patterns detectable in hindsight but unpredictable to foresight.

Various applications of randomness have led to the development of several different methods for generating random data. Some of these have existed since ancient times, among whose ranks are well-known "classic" examples, including the rolling of dice, coin flipping, the shuffling of playing cards, the use of yarrow stalks (for divination) in the I Ching, as well as countless other techniques. Because of the mechanical nature of these techniques, generating large quantities of sufficiently random numbers (important in statistics) required much work and time. Thus, results would sometimes be collected and distributed as random number tables.

Already familiar technologies such as Bitcoin or Ethereum use a digital signature called ECDSA (Elliptic Curve Digital Signature Algorithm) to create accounts and control permissions. In general, the essential things for users are a public key and a private(secret) key. **Since a public key is extracted or derived from a private key, a private key is significant.** Your account password or recovery phrase is just a way to access this private key, not the private key itself. So then, how is the secret key generated? ECDSA secret key can be applied in any format as long as it is a 256-bit hexadecimal format string. So, even if the user writes an arbitrary string matching the format, the secret key will work. However, this is by no means recommended. Any value entered by a human has a biased value and is vulnerable to a secret key expose. That's why the secret key is always randomly(random bit-strings) generated.

Essentially, random bit-strings are used for all Digital Signature Algorithms, Public-key Encryption and Key-establishment Algorithms as well as ECDSA. Even Post-Quantum Cryptography (PQC) Public-key Encryption and Key-establishment and Digital Signature led by the high-level NIST also uses random bits. The secure entropy input as a random bit source is significant.

This one has a low correlation with EntroBeam, but is here to prevent you from misunderstanding.

But be mindful. The method of stealing the private key by randomly substituting the random bit string itself has an extremely low success probability even if quantum computers are operated at a stable absolute temperature forever in the distant future. However, it is possible to infer the range of the private key from the public key. (Of course, in this case, one public key must generate a lot of signatures.)

The three main components of a cryptographic RBG are a source of random bits (an entropy source), an algorithm for accumulating and providing random bits to the consuming applications, and a way to combine the first two components appropriately for cryptographic applications.

EntroBeam mixes two entropy registry transactions to generate 256-bits secure hexadecimal entropy. Users can use it at random as it is or convert it to decimal or binary. In cases, users may end up using modulo or bitwise operations, Fisherâ€“Yates shuffle. Users can process entropy in various ways, and it depends on the algorithm of the cryptographic application. If you want more unpredictable security entropy, the method of accumulating secure entropy with multi-transaction is recommended.

Most computer programming languages include functions or library routines that provide random number generators. They are often designed to provide a random byte or word, or a floating point number uniformly distributed between 0 and 1.

The quality i.e. randomness of such library functions varies widely from completely predictable output, to cryptographically secure. The default random number generator in many languages, including Python, Ruby, R, IDL and PHP is based on the Mersenne Twister algorithm and is *not* sufficient for cryptography purposes, as is explicitly stated in the language documentation. Such library functions often have poor statistical properties and some will repeat patterns after only tens of thousands of trials. They are often initialized using a computer's real time clock as the seed, since such a clock generally measures in milliseconds, far beyond the person's precision. These functions may provide enough randomness for certain tasks (for example video games) but are unsuitable where high-quality randomness is required, such as in cryptography applications, statistics or numerical analysis.

One of the most common RNG is the linear congruential generator, which uses the recurrence.

$X_{n+1}=(aX_n+b)\mod m$

to generate numbers, where $a,b$

and $m$

are large integers, and $X_{n+1}$

is the next in $X$

as a series of random numbers. The maximum number of numbers the formula can produce is one less than the modulus, $m-1$

. The recurrence relation can be extended to matrices to have much longer periods and better statistical properties .But an extra step is required to arrive at the "canonical" uniform distribution between 0 and 1. The implementation is not as trivial as dividing the integer by its maximum possible value. Uniformly distributed integers are commonly used in algorithms such as Fisher-Yates shuffle. Again, a naive implementation may induce a modulo bias into the result, so more involved algorithms must be used. A method that nearly never performs division was described in 2018 "Fast Random Integer Generation in an Interval" by Daniel Lemire, with the current state-of-the-art being the arithmetic encoding-inspired 2021 "optimal algorithm" by Stephen Canon of Apple Inc.â€‹

Given a source of uniform random numbers, there are a couple of methods to create a new random source that corresponds to a probability density function. One method, called the inversion method, involves integrating up to an area greater than or equal to the random number (which should be generated between 0 and 1 for proper distributions). A second method, called the acceptance-rejection method, involves choosing an x and y value and testing whether the function of x is greater than the y value. If it is, the x value is accepted. Otherwise, the x value is rejected and the algorithm tries again.

As an example for rejection sampling, to generate a pair of statistically independent standard normally distributed random numbers *Î¸*~UNIFORM(0,2Ï€) (refer Boxâ€“Muller transform).

$(x,y)$

, one may first generate the polar coordinates $(r,\theta)$

, where $r^2$

~â€‹${\mathcal{X}_2}^2$

â€‹(Chi-squared)and EntroBeam provides the secure entropy that is the source of RBG. But for now, it doesn't provide RBG. Of course, EntroBeam contract secure entropy can be applied as RBG as-is, but there is a fundamental difference algorithmically.

Last modified 6mo ago

Copy link

On this page

Definitions

General issues

Generation methods