Hello;
Always in my professional and scientific work I was wondering where to get a random sequence. A string with which I will be able to secure my data. Everyone knows methods of breaking passwords or just random sequences (all connected with IT, of course).
I started probably like most of you from the random function in excel, but it was not the fulfillment of my dreams.
This week, the article https://www.livescience.com/62271-random-numbers-quantum-mechanics.html was published, which describes a new method of generating random sequences. In my opinion, generating 1024 random sequences in 10 minutes is really a success.
If you take into account, for example, a pseudo-random sequence of 180 years, you are able to emulate, for example, in 20 minutes instead of a year ... unless it makes a difference.
1) Do you use pseudo-random sequences in your professional work?
2) If so, what length of strings do you use and what generators do you use?
3) Do you think that pseudorandom sequences are able to secure our data well?
4) Is white noise not the best pseudo-random sequence?
5) ... Maybe you want to ask something ??
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteHonestly I do not use use pseudo-random sequences in my professional work and do not see such possibility to use it in tasks that I have to perform.
2) If so, what length of strings do you use and what generators do you use?
As I said I do not use them, but if I was using sequences I would probably use Linear Feedback Shift Register that is also called LSFR. Feedback shift registers have been generating random sequences for a long time. They're discussed in Numerical Recipes in C and by Knuth. Basically, they consist of a shift register and a feedback sequence. Everytime a random bit is needed, all the bits in the register shift 1 bit to the right (the low-order bit falls into the bit bucket), and a new high-order bit is calculated as a function of the other bits and appended to the left side of the register. The generator returns the low-order bit.
3) Do you think that pseudorandom sequences are able to secure our data well?
The choice of secret keys for cryptographic primitives largely depends on the quality of random numbers used. These random numbers are fundamental tools in the generation of secret keys and initialization variables of encryption for cryptographic application, masking protocols, or for internet gambling. Chaotic Pseudorandom numbers were found to be very efficient in this aspect. The relevance of pseudorandom sequences in ensuring security in cryptosystems is considered, at the same time reviewing statistical tests required to make such sequences cryptographically secure.
4) Is white noise not the best pseudo-random sequence?
Probably it is.
Funny to find this topic for me - I was faced with the randomness exactly today afternoon (see the commit date: https://github.com/tgandor/meats/commit/3712795df2807e4b53b3f73dd38d94abed6260c2 )
ReplyDelete1) Do you use pseudo-random sequences in your professional work?
http://www.dictionary.com/browse/pseudorandom
Yes, well, Keras uses them internally, and then I use the `random` module in Python, as well as `numpy.random`. I really do use it quite a lot.
2) If so, what length of strings do you use and what generators do you use?
Today it was dozens of GiB. For passwords, which are much shorter, I use about ~100 bits of entropy (there are tools which generate the required strength).
3) Do you think that pseudorandom sequences are able to secure our data well?
Mostly, yes. Large servers and reliance on "central" providers is weak, but individual random sequences can be generated for everybody using some hardware and biometrics.
It's implemented in Linux as /dev/random and /dev/urandom virtual files. The first one generates little data, but with good randomness (see above). The second one can generate large amounts of data using only a little of randomness, by using pseudorandom generators (PRNG).
4) Is white noise not the best pseudo-random sequence?
White noise is not pseudorandom. It is simply _random_. It's a great source of entropy (a "randomness" measure), but... how to get it - it's quite expensive. One way is to combine a radioactive isotope and a Geiger counter. But I don't personally have one at home, neither do I know anybody who does.
I'm very happy that I found something that will be useful to others. Usually, each of us writes something for themselves. Today, I managed to write something for someone else. I'm hoping that in your work (at the review of literature and news) you will be able to use exactly what I found. Regards :-D
DeleteAd1.
ReplyDeleteIn my research I randomly choose which numbers will be included in the tested data set and the teaching data set.
Ad2.
I use it usually: Matalb Pseudorandom and Quasirandom Number Generation
Ad3.
Unfortunately I do not know about data encryption. But I think the longer the random key, the longer the break time of the encryption. Also I think that data which I am collecting are not so valuable that someone has a reason to break them. I think that the available number generators are fulfilling their function.
Ad4.
White noise is a random signal having equal intensity at different frequencies. There are mathematical methods for extracting independent sources from a signal which at first seems random. This method is independent component analysis. o if we can find sources that create noise, we will be able to break such a code.
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteI use it to randomise the data, for example when I split it into test and training sets, or some other purposes.
2) If so, what length of strings do you use and what generators do you use?
I use functions that are provided in Python or R.
3) Do you think that pseudorandom sequences are able to secure our data well?
I think they are until someone will find a method to decrypt almost every pseudorandom sequence.
4) Is white noise not the best pseudo-random sequence?
As far as I know it is but I am not an expert in signal processing.
1. Actually, I don’t use such tools in my work. I have no experience with such solutions, my work didn’t required from me to gain such experience.
ReplyDelete2. As I’ve written above, I have no experience in this respect, so please let me know, what generator you would recommend, if I needed that?
3. As for the question about security: I do not trust such tools. If something is created artificially, it can be broken also more easily the same way, in my opinion. Maybe if I had some experience in this respect, I’d be more open, and - like with everything - I could get used to that.
4. I guess, there is no universal rule in this respect. Unfortunately, we live in “PIN & password’s world”, and the cryptography as science is being developed faster than other branches. We cannot be sure that we have “best sequence”. This is illusion of safety, because someone can be more clever or be more lucky, and that’s why it is valid for very short time.
5. Do you use it in professional life? How?
Ad 2) Blum Blum Shub is a very interesting generator based on the form:
DeleteX (n + 1) = (X n) ^ 2 mod M where Xn is the next state, and M is the product of two large prime numbers p i q giving in division by 4 the remainder 3 (so that each square modulo p has one square root, which is also a square residue), and having as small NWD as possible φ (φ (p - 1), φ (q - 1)) φ is an Euler function (which ensures a long cycle). The result of the generator is the last few bits of Xn.
Ad5) at the moment I do not use algorithms generating pseudo-random numbers.
Thank you, Michał.
Delete1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteAs Tomasz wrote -pseudo random sequences are part of keras library (for instance pseudo-random number generator). Sometimes we are not aware that we use something because it is hardcoded into combined library / module.
2) If so, what length of strings do you use and what generators do you use?
It depends on problem that we will analyze. You have to adapt it. As I wrote above for instance pseudo-random number generator might be an example.
3) Do you think that pseudorandom sequences are able to secure our data well?
Probably yes. We can use them as an hash for our data, or just extend encrypted message by pseudo-randomed string attached to it.
4) Is white noise not the best pseudo-random sequence?
I am pretty sure that the best pseudo-random sequence does not exist. We can not assume that the best option exist because each of solutions has pros and cons. Nevertheless cryptography is not my field.
5) ... Maybe you want to ask something ??
Could you post your answer for the 1st question.
regards
Ad 5) At the moment I don't use, but I agree that we often use libraries that have hidden functions that we know little about it
DeleteLike others, my only contact with random numbers at work is probably initialization of networks parameters and I guess it's not what you meant. However, a few times I used random strings to include sensitive data in dockerfiles.
ReplyDeleteI remember that a few years ago when I was doing something in Matlab I had to check what algorithm exactly is used for generating random numbers and that was the Mersenne Twister, but I totally forgot what I needed it for.
As far as I know, currently 256-bit random strings are enough to secure a data. I also heard that it's about to change with quantum computers.
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteNo I do not use pseudo-random sequences in my professinal work.
2) If so, what length of strings do you use and what generators do you use?
I don't use this kind of sequences.
3) Do you think that pseudorandom sequences are able to secure our data well?
No I do not think so. First of all we should focus on well design and developed software (also on this stage we should take care about security at the same beggining of development). Later we can think about securing our data.
4) Is white noise not the best pseudo-random sequence?
I always thought that Perlin Noise is the best pseudo-number generator
5) ... Maybe you want to ask something ??
No :-), but have a nice weekend.
Thank you very much!
Delete1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteSometimes I use pseudo-random numbers to select a subset of data from a larger set. Probably they are also used by libraries which I use although I am not always aware of it.
2) If so, what length of strings do you use and what generators do you use?
I use Randu generator in R language and generator in "random" C++ library. The length of the sequence depends on the data I'm dealing with.
3) Do you think that pseudorandom sequences are able to secure our data well?
Every year computers have more and more computing power. That's why we need to work on how to get closer to achieving real randomness in the shortest possible time. Otherwise, the protections we know now may be broken and there will be no good alternative for them.
4) Is white noise not the best pseudo-random sequence?
I think this is the best way to get pseudo-random sequences at the moment. I found that the website Random.org uses a system of atmospheric antennae to generate random digit patterns from white noise.
This comment has been removed by the author.
ReplyDelete1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteI didn't use pseudo-random sequences (not yet), but I use old method which could get us strong password. All what you need to remember is long (the longer, the better) sentence e.g. every morning I wake up with smile on my face and plan all my day before stand up.
Now it's easy-get first letter from this sentence:
emiwuwsomfapamdbsu
...and get some untypical sign (and big letter for word which are the most important for us eg. every, morning and plan):
E^iwuw50^faPamdb5u
It look streing, but when you say this sentence in mind this is easy.
Try to break similar password-good luck ;)
2) If so, what length of strings do you use and what generators do you use?
I don't use generator. Length of my passwords is different.
3) Do you think that pseudorandom sequences are able to secure our data well?
I think that yes. If application is good configured (e.g. didn't let for brute force) and our password have big/small letter (not only first big letter-it's typical), numbers, special signs, length >15 and MOST IMPORTANT nobody know this password is enough.
4) Is white noise not the best pseudo-random sequence?
I have no opinion. I don't have comparassion.
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteI do not use it directly, but probably indirectly, using programs in the client-server architecture, where data exchange is encrypted using pseudo-random sequences.
2) If so, what length of strings do you use and what generators do you use?
The length of used strings is 128 bits. Unfortunately I don’t know what kind of generator is used – it is hardcoded.
3) Do you think that pseudorandom sequences are able to secure our data well?
The generator's method of operation, described in the article, is very likely to be unpredictable (read: not hacked) for a long time. As of today, it certainly looks promising. We will see what the future will bring...
4) Is white noise not the best pseudo-random sequence?
I'm not convinced about the unpredictability of noise at all. In my opinion every noise is somehow predictable because it generates waves from a specific frequency range. I’m not an expert but I think that such method is still susceptible to attack.
5) ... Maybe you want to ask something ??
No, thanks ;)
First of all, I want to thank you for interesting questions
ReplyDelete1) Do you use pseudo-random sequences in your professional work?
Yes of course, sometimes I use pseudo-random sequences in my work, for example, MathRandom in Java. The simplest example is generation of tokens in the URL-addressof the user.
2) If so, what length of strings do you use and what generators do you use?
Since I work with sites, I have to deal with personal data of users that need to be processed and encrypted. For example, SHA and DSA algorithms
3) Do you think that pseudorandom sequences are able to secure our data well?
Yes, there is always the possibility of hacking data, so sometimes you have to use pseudorandom sequence
4) Is white noise not the best pseudo-random sequence?
Unfortunately. I am not competent in this matter
5) ... Maybe you want to ask something ??
No, thank you)
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteI do not use. I was interested in the topic of engineering studies. But I have never used it in practice.
2) If so, what length of strings do you use and what generators do you use?
-
3) Do you think that pseudorandom sequences are able to secure our data well?
the word pseudo tells me everything. Everything depends on what is hidden under it, and how good the method is. If we use an advanced method that provides the greatest entropy. for some applications it is ok.
4) Is white noise not the best pseudo-random sequence?
I have heard the most about white noise in my studies. I once remember reading about a processor or motherboard that had a built-in white noise generator. interesting. You encouraged me with this article, I will read more soon.
1. Do you use pseudo-random sequences in your professional work?
ReplyDeleteYes, I do. I'm a Python and C# programmer. In my work I often met with the need to generate a random number or string of characters.
2. If so, what length of strings do you use and what generators do you use?
At work I used libraries available for a given language. I used it to implement encryption algorithms. I generated keys with a length of 2048 bits.
3. Do you think that pseudorandom sequences are able to secure our data well?
It depends on the algorithm and the length of the generated string. The factor of randomness must also be taken into account.
4. Is white noise not the best pseudo-random sequence?
I don't know. It may be. I am not an expert in a given field. It's difficult for me to comment on this topic about white noise.
5. ... Maybe you want to ask something ??
No, thank you. The article is very interesting.
Thank you for a very interesting article. I like this area. In my work, I don't use number generators. The idea of the work of pseudorandom number generators based on quantum mechanics is very logical. I see enormous potential in this approach. I believe that this attitude will increase the level of security significantly. I have some concerns about the available white noise generators. In my opinion, the guarantees given by their actions are limited ...
ReplyDelete
ReplyDelete1) Do you use pseudo-random sequences in your professional work? No I do not.
2) If so, what length of strings do you use and what generators do you use?
-
3) Do you think that pseudorandom sequences are able to secure our data
Cryptographers have shown that an unpredictable Pseudo Random Generator is secure when it is computationally indistinguishable from truly random data. That is, if we designed a predictor that would predict the next bit of data in a sequence given previously generated data, that predictor would be unable to distinguish between data generated by the pseudorandom function and data generated by a truly random function. Mathematically, it is unknown whether or not we can prove this. This, I believe, is where a lot of the confusion around pseudorandomness is derived.
4) Is white noise not the best pseudo-random sequence?
White-noise generator do not satisfy all of the following generally well-accepted random number generation criteria. A generator should be:
random, controllable, portable, efficient, documented. So while it could be possible to use a white-noise generator to get "better" random numbers, they have not gained acceptance because they do not follow most of the criteria above.
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteYes, I'm using pseudo-random sequences for hash generation.
2) If so, what length of strings do you use and what generators do you use?
Commonly, I'm using PHP built-in function openssl_random_pseudo_bytes and I create the md5 hash of them, so the length is 32.
3) Do you think that pseudorandom sequences are able to secure our data well?
I think that they are good enough. I'm not an expert, but as far as I know, SSL encryption depends on them heavily and it's considered to be secure.
4) Is white noise not the best pseudo-random sequence?
I don't know, but I can see that you are interested in the subject, so..
5) ... Maybe you want to ask something ??
.. do you think that white noise is the best pseudo-random sequence?
Cheers!
Ad 5) That's what I think
Delete1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteYes, there are many places in software I need random numbers. Establishing SSL connections being most common.
2) If so, what length of strings do you use and what generators do you use?
Mostly just pulling data from /dev/random or /dev/urandom. And I also, as Tomasz wrote, found out hard way that /dev/random is slow.
3) Do you think that pseudorandom sequences are able to secure our data well?
I think history teaches us that its side-channel attacks and trivial bugs in handling of buffers we should be more afraid of.
4) Is white noise not the best pseudo-random sequence?
As noted above - it is ultimate randomness I think, by definition.
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteI mainly use pseudo-random numbers for selection of a subset of data and for any other pricing algorithms I implement.
2) If so, what length of strings do you use and what generators do you use?
I use random C++ library and the length of the sequence may depend on the task I am dealing with.
3) Do you think that pseudorandom sequences are able to secure our data well?
I think that anyway the security is an illusion - it is a matter of time to break the security.
4) Is white noise not the best pseudo-random sequence?
I am afraid I have no alternative for the white noise. However, I have heard, that it is not sufficient.
1) Do you use pseudo-random sequences in your professional work?
ReplyDeleteI'm using GPG and Thunderbird’s plugin Enigmail for encrypting emails.
2) If so, what length of strings do you use and what generators do you use?
GPG have to generate keys that are large and unique.
The way to do that is to use a high entropy random number source. In this case, Linux has the /dev/random and size of the key in RSA is 4096 bits.
3) Do you think that pseudorandom sequences are able to secure our data well?
I think the biggest weakness in security is human factor - in RSA you can create very weak 4096 bit public key.
Of course there is safer way to encrypt data, such as using one-time pad algorithms.
But asymetric cryptography works as well.
4) Is white noise not the best pseudo-random sequence?
I don't know, but I think in special terms you can take white noise from tv to make good random numbers generator.
5) Maybe you want to ask something ??
This is very interesting topic, but I can’t think about any specific question right now.
Ad 5)very pity
DeleteThank you very much for a very interesting and developing subject. As per your questions:
ReplyDelete1) Do you use pseudo-random sequences in your professional work?
Not really, but sometimes I might use it to randomise data, but not very often.
2) If so, what length of strings do you use and what generators do you use?
Python functions.
3) Do you think that pseudorandom sequences are able to secure our data well?
At least until someone figures out how do decrypt them in a fast and efficient manner.
4) Is white noise not the best pseudo-random sequence?
I guess so, nevertheless I'm not an expert in this field.
Thanks a lot for sharing this amazing knowledge with us. This site is fantastic. I always find great knowledge from it. Basic Physics
ReplyDeleteSucceed! It could be one of the most useful blogs we have ever come across on the subject. Excellent info! I’m also an expert in this topic so I can understand your effort very well. Thanks for the huge help. http://www.fafa191.com/th/fifafootball
ReplyDeleteInteresting Article. Hoping that you will continue posting an article having a useful information. Miami Divorce Attorney
ReplyDeleteThis article was written by a real thinking writer without a doubt. I agree many of the with the solid points made by the writer. I’ll be back day in and day for further new updates. bandar togel terpercaya
ReplyDeleteNice post! This is a very nice blog that I will definitively come back to more times this year! Thanks for informative post. http://www.onlinecasinos24.eu/
ReplyDeleteGreat survey, I'm sure you're getting a great response. live22
ReplyDeleteYou make so many great points here that I read your article a couple of times. Your views are in accordance with my own for the most part. This is great content for your readers. kubet
ReplyDeleteVery nice article, I enjoyed reading your post, very nice share, I want to twit this to my followers. Thanks!. BK8 Slot
ReplyDeleteThanks for the blog filled with so many information. Stopping by your blog helped me to get what I was looking for. Now my task has become as easy as ABC. 918kiss
ReplyDeleteCool stuff you have got and you keep update all of us. cf68
ReplyDeleteGreat articles and great layout. Your blog post deserves all of the positive feedback it’s been getting. dg
ReplyDeleteThis is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value. Im glad to have found this post as its such an interesting one! I am always on the lookout for quality posts and articles so i suppose im lucky to have found this! I hope you will be adding more in the future... เกมสล็อต
ReplyDeleteI high appreciate this post. It’s hard to find the good from the bad sometimes, but I think you’ve nailed it! would you mind updating your blog with more information? 먹튀검증업체
ReplyDeleteWow! Such an amazing and helpful post this is. I really really love it. It's so good and so awesome. I am just amazed. I hope that you continue to do your work like this in the future also เว็บพนันบอล ฝากขั้นต่ํา100
ReplyDeleteVery good points you wrote here..Great stuff...I think you've made some truly interesting points.Keep up the good work. joker สล็อต
ReplyDeleteJoker123 slot gaming สล็อตออนไลน์ หากคุณมองหาความสนุกที่มั่นคง เล่นเว็บตรงอันดับหนึ่งเท่านั้น เกมยิงปลา เกมสล็อต บนมือถือ ได้ทุกที่กับ Joker123 ฝากง่ joker gaming
ReplyDeletei never know the use of adobe shadow until i saw this post. thank you for this! this is very helpful. สมัครจีคลับ6666
ReplyDeleteVery nice article, I enjoyed reading your post, very nice share, I want to twit this to my followers. Thanks!. 안전놀이터
ReplyDeleteYou make so many great points here that I read your article a couple of times. Your views are in accordance with my own for the most part. This is great content for your readers. หนังออนไลน์
ReplyDelete