Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Why Random Matters

duongkai
December 20, 2013
68

Why Random Matters

Presentation @OWASP @Hackerspace.vn 21/12/2013

duongkai

December 20, 2013
Tweet

Transcript

  1. Why Random (RNG) Matters Random in Computing environment: producing an

    unpredictable result is desirable  Gambling  Statistical sampling  Cryptography  Computer simulation
  2. RNG Theory  Random Number Generator: is a computational or

    physical device designed to generate a sequence of numbers or symbols that lack any pattern, i.e. appear random.  In computing environment, we often see Pseudo-Random numbers (PRNG)
  3. RNG Theory A pseudorandom number generator (PRNG), also known as

    a deterministic random bit generator (DRBG)  A secret seed  Deterministic algorithm  Satisfy statistical test
  4. RNG Theory  In modern OS, we have random source

    (/dev/random).  We must trust in secure manner  Use as a seed of PRNG
  5. Poking “de-facto” PRNG  The Mersenne twister is a pseudorandom

    number generator (PRNG). It is the "industry standard" PRNG.  The default PRNG for R, Python, Ruby, IDL, Free Pascal, PHP, Maple, MATLAB, the GNU Multiple Precision Arithmetic Library, and the GNU Scientific Library. It is also available in C++ since C++11. Add-on implementations are provided by the Boost C++ Libraries, Glib, and the NAG Numerical Library.