Abstract
Many cryptographic systems require random numbers, and the use of weak random numbers leads to insecure systems. In the modern world, there are several techniques for generating random numbers, of which the most fundamental and important methods are deterministic extractors proposed by von Neumann, Elias, and Peres. Elias’s extractor achieves the optimal rate (i.e., information-theoretic upper bound) if the block size tends to infinity, where is the binary entropy function and p is the probability that each bit of input sequences occurs. Peres’s extractor achieves the optimal rate if the length of the input and the number of iterations tend to infinity. Previous research related to both extractors has made no reference to practical aspects including running time and memory size with finite input sequences. In this paper, based on some heuristics, we derive a lower bound on the maximum redundancy of Peres’s extractor, and we show that Elias’s extractor is better than Peres’s extractor in terms of the maximum redundancy (or the rates) if we do not pay attention to the time complexity or space complexity. In addition, we perform numerical and non-asymptotic analysis of both extractors with a finite input sequence with any biased probability under the same environments. To do so, we implemented both extractors on a general PC and simple environments. Our empirical results show that Peres’s extractor is much better than Elias’s extractor for given finite input sequences under a very similar running time. As a consequence, Peres’s extractor would be more suitable to generate uniformly random sequences in practice in applications such as cryptographic systems.
Highlights
Many cryptographic systems require random numbers, and the use of weak random numbers leads to insecure systems
We will perform non-asymptotic analysis for the wide range of parameters for Elias’s and Peres’s extractors, to answer the following question: which is more suitable for practical use in real-world applications? To do this, we evaluate the numerical performance of Peres’s extractor and Elias’s extractor with the RM method in terms of practical aspects including achievable rates and running time with finite input sequences
It is known that Elias’s extractor achieves the optimal rate if the block size tends to infinity
Summary
Many cryptographic systems require random numbers, and the use of weak random numbers leads to insecure systems. Many past security problems were due to the use of weak random numbers [1,2,3,4]. This tells us that random number generation is very important in cryptography, in particular to ensure that secret keys are random and unpredictable. A deterministic extractor is a function which takes a non-uniformly random sequence as input and outputs a uniformly random sequence. The deterministic extractors have been studied in mathematics, information theory, and cryptography In information theory, those extractors can be treated for the intrinsic randomness problem (i.e., the problem of generating truly random numbers). The main purpose of this paper is to investigate those with finite inputs (i.e., from a non-asymptotic viewpoint) by numerical analysis to make it clear which is better for practical use
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
