About polynomial-time “unpredictable” generators

So-called "perfect" or "unpredictable" pseudorandom generators have been proposed recently by people from the area of cryptology. Many people became aware of them through an optimistic article in the New York Times (Gleick (1988)). These generators are usually based on nonlinear recurrences modulo some integer m. Under some (yet unproven) complexity assumptions, it has been proven that no polynomial-time statistical test can distinguish a sequence of bits produced by such a generator from a sequence of truly random bits. In this paper, we give some theoretical background concerning this class of generators and we look at the practicality of using them for simulation applications. We examine in particular their ease of implementation, their efficiency, their periodicity, the ease of jumping ahead in the sequence, the minimum size of modulus that should be used, etc.
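As an added worked example (not code from the paper or its authors), the Python below implements one member of the class the abstract describes, the Blum-Blum-Shub squaring generator x_{i+1} = x_i^2 mod m with m = p*q for primes p, q congruent to 3 mod 4, outputting the least significant bit of each state. It exercises two of the practical properties the abstract lists: the period of the state sequence and jumping ahead to state i in one modular exponentiation instead of i squarings. The primes 11 and 23, the seed 3 and the helper names are constructed assumptions; a modulus that small has no security value and is chosen only so the arithmetic can be followed by hand.

```python
"""Blum-Blum-Shub squaring generator: x_{i+1} = x_i^2 mod m, output bit = x_i mod 2.

Added example; assumes the squaring generator as the representative of the
"nonlinear recurrence modulo m" class. Toy parameters only.
"""
from math import gcd, lcm

# Constructed toy parameters: both primes are 3 (mod 4) ("Blum primes").
# A modulus used in practice is hundreds of digits; 253 is only checkable by hand.
P, Q = 11, 23
M = P * Q
SEED = 3  # must be coprime to M


def is_blum_modulus(p, q):
    """Structural check only (primality of p and q is assumed here)."""
    return p % 4 == 3 and q % 4 == 3 and p != q


def bbs_bits(seed, m, n):
    """Return the first n output bits (lsb of x_1 .. x_n) and the final state."""
    if gcd(seed, m) != 1:
        raise ValueError("seed must be coprime to the modulus")
    x = seed
    bits = []
    for _ in range(n):
        x = x * x % m          # the nonlinear recurrence
        bits.append(x & 1)     # one bit of output per state
    return bits, x


def bbs_state(seed, m, i):
    """Naive way to reach state x_i: perform i squarings."""
    x = seed
    for _ in range(i):
        x = x * x % m
    return x


def bbs_jump(seed, p, q, i):
    """Jump ahead: x_i = seed^(2^i mod lambda(m)) mod m with lambda(m) = lcm(p-1, q-1).

    This is the property that lets a simulation split one stream into
    disjoint substreams without generating the intermediate states.
    """
    lam = lcm(p - 1, q - 1)
    return pow(seed, pow(2, i, lam), p * q)


def carmichael(n):
    """Carmichael function lambda(n) by trial-division factoring (toy sizes only)."""
    result, d = 1, 2
    while d * d <= n:
        if n % d == 0:
            k = 0
            while n % d == 0:
                n //= d
                k += 1
            lam_pk = 2 ** (k - 2) if d == 2 and k >= 3 else d ** (k - 1) * (d - 1)
            result = lcm(result, lam_pk)
        d += 1
    if n > 1:
        result = lcm(result, n - 1)
    return result


def period(seed, m):
    """Length of the cycle containing x_1.

    x_1 is a quadratic residue and squaring permutes the residues when m is a
    Blum modulus, so x_1 lies on a cycle and the loop terminates.
    """
    x1 = seed * seed % m
    x, t = x1 * x1 % m, 1
    while x != x1:
        x, t = x * x % m, t + 1
    return t


if __name__ == "__main__":
    bits, _ = bbs_bits(SEED, M, 20)
    print("bits:", bits)
    print("period of state sequence:", period(SEED, M))
    print("bound lambda(lambda(m)):", carmichael(lcm(P - 1, Q - 1)))
    print("x_5 by iteration:", bbs_state(SEED, M, 5), "by jump:", bbs_jump(SEED, P, Q, 5))
```

For these toy values the state sequence has period 20, which equals the bound lambda(lambda(m)); with a realistic modulus one cannot enumerate the cycle, so the bound (and the choice of primes that make it large) is what a practitioner relies on, and jumping ahead costs one modular exponentiation regardless of the distance.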
