[Cryptography] new PRNG family
ab at bri-c.de
Fri Dec 5 02:30:19 EST 2014
Am 04.12.2014 um 22:20 schrieb Ray Dillinger <bear at sonic.net>:
> Well, I don't mean to be dismissive, but rounding means information loss
> from your generator, and every time you lose information from
> your generator you get a halfbit closer to being in a known state.
Not being a native english speaker, i don't know exactly how to interpret your intro, but i reassure you, i very much appreciate this dialog.
> To put it another way, your generator will gravitate fairly quickly
> onto cycles where there is no rounding at all (more precisely onto
> cycles where the rounding happens in the same direction every time
> through the cycle).
> This matters because the ratio of unreachable to reachable states
> is likely to be very large. If it turns out that most of your
> possible states are unreachable, then your generator necessarily
> has much shorter cycles than it could, because none of those
> unreachable states are on the cycles. And we still haven't
> considered how much the periods are shortened by the states
> being divided up among multiple cycles or how to tell how
> many different cycles there are.
> This is all general statistics, not real analysis of the specifics
> of your particular generator.
i would like to put in my words, would you please indicate, if i am on the right track:
looking at one log map:
1. the log map calc can have a number $nI$ of inputs that result in $nO$ outputs - need to assess both.
2. since $nD$ input numbers (call them BadNumbers) will result in the same output we have an information loss relative to this.
3. i need to get information on $nO$ / ($nI$ - $nD$)
4. i need to know how often 'BadNumbers' are reached ~ leaf nodes - if this is not evenly distributed
I think i get into less a statical but practical problem here. Since log map is chaotic and the number of possible inputs is limited by the FP representation of numbers between 0..1 being 2^51 ?(my question from the last post) the $nI$ would be this.
2^51 * 8 is 36 028 797 018 963 968 bytes
Because of 'chaotic' it should be unpossible to extrapolate - anyway, even if i try to predict from a sample set of 1:10^6 i would need to manage
36 028 797 018 bytes only talking about the input numbers - which i simply can't.
Or should i try and see how far i can go?
> The cryptography mailing list
> cryptography at metzdowd.com
More information about the cryptography