O'Reilly logo

Computer Science & Perl Programming by Jon Orwant

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 27. Random Number Generators and XS

Otmar Lendl

This article is a follow-up to John Orwant’s article, Randomness. I’d like to give some more background, provide another code snippet for serious pseudorandom number generation, and give a tour of XS, the bridge between Perl and C.

Random Versus Pseudorandom Numbers

Cryptography is the classic example of a domain that requires a good source of truly random numbers. Random numbers are used as session keys, initialization vectors, seeds for RSA prime number generation, and myriad other applications.

The security of a cryptographic algorithm usually depends on the futility of guessing the random numbers chosen by the computer. The key concept is entropy, a measure of the uncertainty contained in a set of values. For example, a user asked to type some random characters is much more likely to type asdf than 9m]g; the entropy is thus not as high as it would be if all strings were equally likely. Thus, even though we type in seven-bit ASCII, we can’t generate 35 random bits from just five keystrokes; a common rule of thumb is that the entropy per keystroke is in the range of 1.0 to 1.5 bits.[16] So to generate 35 truly random bits, we need to use at least 35 keystrokes.

We can use this rule to build a random number generator that combines the entropy inherent in various computer components. They’ll be deterministic, but unpredictable from the outside—people who don’t have physical access to the computer haven’t a prayer of guessing the ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required