Re: Randomness testing Was: On the "randomness" of DNS

2008-08-04 Thread Alexander Klimov
On Mon, 4 Aug 2008, Stephan Neuhaus wrote: > Or better still, make many tests and see if your p-values are > uniformly distributed in (0,1). [Hint: decide on a p-value for that > last equidistribution test *before* you compute that p-value.] Of course, there are many tests for goodness of fit (Kol

Re: Randomness testing Was: On the "randomness" of DNS

2008-08-04 Thread Stephan Neuhaus
On Aug 3, 2008, at 13:54, Alexander Klimov wrote: If your p-value is smaller than the significance level (say, 1%) you should repeat the test with different data and see if the test persistently fails or it was just a fluke. Or better still, make many tests and see if your p-values are unif

Randomness testing Was: On the "randomness" of DNS

2008-08-03 Thread Alexander Klimov
On Thu, 31 Jul 2008, Pierre-Evariste Dagand wrote: > Just by curiosity, I ran the Diehard tests[...] > > Sum-up for /dev/random: > "Abnormally" high value: 0.993189 [1] > "Abnormally" low value: 0.010507 [1] > Total: 2 > > Sum up for Sha1(n): > "Abnormally" high values: 0.938376, 0.927501 [2] > "Ab

Re: On the "randomness" of DNS

2008-08-03 Thread Philipp Gühring
Hi Ben, http://www.cacert.at/cgi-bin/rngresults Are you seriously saying that the entropy of FreeBSD /dev/random is 0? Thanks for the notice, that was a broken upload by a user. Best regards, Philipp Gühring - The Cryptogr

Re: On the "randomness" of DNS

2008-08-03 Thread Ben Laurie
Philipp Gühring wrote: Hi, I would suggest to use http://www.cacert.at/random/ to test the randomness of the DNS source ports. Due to the large variety of random-number sources that have been tested there already, it's useful as a classification service of unknown randomly looking numbers. Yo

Re: On the "randomness" of DNS

2008-07-31 Thread Philipp Gühring
Hi, I would suggest to use http://www.cacert.at/random/ to test the randomness of the DNS source ports. Due to the large variety of random-number sources that have been tested there already, it's useful as a classification service of unknown randomly looking numbers. You just have to collect 1

Re: On the "randomness" of DNS

2008-07-31 Thread Ben Laurie
Dirk-Willem van Gulik wrote: I fail to see how you could evaluate this without seeing the code (and even then - I doubt that one can properly do this -- the "old" NSA habit of tweaking your random generated rather than your protocol/algorithm when they wanted your produced upgraded to export qu

Re: On the "randomness" of DNS

2008-07-31 Thread Bill Stewart
>>> Ben wrote: > But just how GREAT is that, really? Well, we don't know. Why? Because there isn't actually a way to test for randomness. Your > DNS resolver could be using some easily predicted random number generator > like, say, a linear congruential one, as is common in the rand() libra

Re: On the "randomness" of DNS

2008-07-31 Thread Pierre-Evariste Dagand
> SHA-1(1), SHA-1(2), SHA-1(3), ... SHA-1(N) will look random, but clearly is > not. Just by curiosity, I ran the Diehard tests on /dev/random (FreeBSD 7.0) and a sha1 sequence of [ 1 ... N ]. Both random files are 63 Mb. I know that there has been some controversy about /dev/random of FreeBSD on

Re: On the "randomness" of DNS

2008-07-30 Thread Dirk-Willem van Gulik
On 30 Jul 2008, at 21:33, Ben Laurie wrote: For sure, it would be better if we could check the source code and match the implemented RNG against an already known RNG. But, then, there is a "the chicken or the egg" problem: how would you ensure that a *new* RNG is a good source of "randomness" ?

Re: On the "randomness" of DNS

2008-07-30 Thread Dirk-Willem van Gulik
On 30 Jul 2008, at 19:57, Pierre-Evariste Dagand wrote: But just how GREAT is that, really? Well, we don't know. Why? Because there isn't actually a way to test for randomness. Your DNS resolver could be using some easily predicted random number generator like, say, a linear congruential one,

Re: On the "randomness" of DNS

2008-07-30 Thread Gregory Hicks
> Date: Wed, 30 Jul 2008 21:22:59 +0200 > From: "Pierre-Evariste Dagand" <[EMAIL PROTECTED]> > To: "Ben Laurie" <[EMAIL PROTECTED]>, cryptography@metzdowd.com > Subject: Re: On the "randomness" of DNS > [...] > > For sure, it wo

Re: On the "randomness" of DNS

2008-07-30 Thread "Hal Finney"
Ben Laurie writes: > Oh, and I should say that number of ports and standard deviation are not > a GREAT way to test for "randomness". For example, the sequence 1000, > 2000, ..., 27000 has 27 ports and a standard deviation of over 7500, > which looks pretty GREAT to me. But not very "random". T

Re: On the "randomness" of DNS

2008-07-30 Thread Ben Laurie
Pierre-Evariste Dagand wrote: I doubt you can get a large enough sample in any reasonable time. Indeed. I don't see the point of evaluating the quality of a random number generator by statistical tests. Which is entirely my point. I fear I was not clear: I don't see what is wrong in evalu

Re: On the "randomness" of DNS

2008-07-30 Thread Pierre-Evariste Dagand
> I doubt you can get a large enough sample in any reasonable time. Indeed. > > I don't see the point of evaluating the quality of a random number > > generator by statistical tests. > Which is entirely my point. I fear I was not clear: I don't see what is wrong in evaluating the quality of a r

Re: On the "randomness" of DNS

2008-07-30 Thread Ben Laurie
Pierre-Evariste Dagand wrote: But just how GREAT is that, really? Well, we don't know. Why? Because there isn't actually a way to test for randomness. Your DNS resolver could be using some easily predicted random number generator like, say, a linear congruential one, as is common in the rand() li

Re: On the "randomness" of DNS

2008-07-30 Thread Pierre-Evariste Dagand
> But just how GREAT is that, really? Well, we don't know. Why? Because there isn't actually a way to test for randomness. Your > DNS resolver could be using some easily predicted random number generator > like, say, a linear congruential one, as is common in the rand() library > function, but DN

Re: On the "randomness" of DNS

2008-07-30 Thread Ivan Krstić
On Jul 30, 2008, at 1:56 PM, Ben Laurie wrote: Oh, and I should say that number of ports and standard deviation are not a GREAT way to test for "randomness". For example, the sequence 1000, 2000, ..., 27000 has 27 ports and a standard deviation of over 7500, which looks pretty GREAT to me. B

On the "randomness" of DNS

2008-07-30 Thread Ben Laurie
I thought this list might be interested in a mini-rant about DNS source port randomness on my blog: http://www.links.org/?p=352. Ever since the recent DNS alert people have been testing their DNS servers with various cute things that measure how many source ports you use, and how "random" they