http://www.perlmonks.org?node_id=58876

in reply to Re (tilly) 1: Random source

Oh, definitively tilly.

I thought we were talking about Monte-Carlo integration (sorry, I did say Monte-Carlo searching). But yes, for -some- Monte-Carlo searches uniform distribution and non repetitive bias would be bad things!

I think it is important to point out, like you did, that the real crux of the matter is to understand what kind of random numbers you want and why you want them.

Let's assume we're sticking to uniform distributions of some type and do a quick summary of which ones we've discussed so far (to any that have actually followed this discussion this far! lol :) ):

One: Truely-random numbers. In this case we are talking about a true random source, that should be uniform, but we do not get any garuntees about it. This is almost always an all around safe bet if you can't decide. Also in some very sensitive conditions, this is the only bet. E.g. the chaotic systems tilly from above mentions, for example the http://www.cs.ualberta.ca/~darse/rsbpc.html. However for Monte-Carlo integration these converge, but generally at 1/N**2 rate.

Two: Pseudo-random numbers. These are normally meant to be uniformly distributed (using statistical garuntees), but in practice one finds otherwise. These numbers should not generally not be used for security unless you know what you are doing. The reason being that pseudo-random numbers are predictable if you know or can guess the seed and the general algorithm. For general purpose though, these are the best, because they are fast and provide what many programs need. For Monte-Carlo integration they should converge, but because of bad implementations they often won't.

Three: Quasi-random numbers. These are sequences that are garunteed to be uniform statistically, and also have a strong bias to not repeating themselves. This means that as you pick more numbers the become closer and closer together, but in a uniform way. Example is the Hamilton sequence mentioned in the posts above. These are excellent for Monte-Carlo integration because they lead to a 1/N convergance rate and are garunteed to converge. These numbers tend to be very predictable, so they should probably not be used in security for the same reasons as Pseudo-random.

Welp, back to work :)

Ciao,
Gryn