CODEWITHSUNDEEP
testingrandomcryptography
tll
tll

Reputation: 397

How to test a cryptographically secure random number generator

More or less out of curiosity, what defines a random number generator to be cryptographically secure? Would testing for non-cryptographically secure and cryptographically secure generator different?

Related post here: How to test a random generator

Upvotes: 2

Views: 2496

Answers (2)

user149341
user149341

Reputation:

Testing a general-purpose random number generator for quality typically involves running various statistical tests which show that its results are not biased in certain ways. NIST has a set of tests that they use for this, detailed at: http://csrc.nist.gov/groups/ST/toolkit/rng/index.html

Showing that a random number generator is cryptographically secure is not a matter of testing at all — it's a matter of proof. This typically comes down to showing that, to predict the future (or guess the past) output of the RNG from a sample of its output (and, in some cases, even when controlling part of its input), one would have to defeat a cryptographic hash, cipher or other problem that is generally regarded as intractible. This is a fundamentally human-driven process; it cannot be performed mechanically.

Upvotes: 4

paulsm4
paulsm4

Reputation: 121669

1) As far as "what constitutes a 'Cryptographically Secure Pseudo Random Number Generator' (CSPRNG)?", Wikipedia has a good list of criteria:

http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator.

2) As far as "How to test", you might consider Chi-square:

http://en.wikibooks.org/wiki/Algorithm_Implementation/Pseudorandom_Numbers/Chi-Square_Test

Upvotes: 0

Related Questions