![]() ![]() Once we have dumped the coins out of the cup, we need some way to collect the entropy and combine it into a single simulated coin toss. ![]() Lazy shaking can significantly reduce the security of the resulting random number. The main risk if you do not pick a large number of shakes is that you get lazy and only shake the cup a few times for each trial, and thereby fail to introduce entropy to your results. The actual number isn’t so important, the key is that you pick a large number and stick to it. Third, we count out an explicit number of shakes for the cup. Humans are much less likely to produce consistent or correlated results when using turbulent technique like shaking a cup. If you flip a single coin many times in a row, as you gain practice you will likely start flipping the coin in a consistent way, introducing not only bias to your flips but correlation between your flips, which is very bad for randomness. This creates a chaotic environment for the coins, where they will be bouncing off of each other in random ways, and generally reducing the impact of human consistency. The second big thing that we do is flip all of the coins together in one large cup. ![]() 5 coins produce significantly more entropy than 1 coin, which gives us a better chance at arriving at an unbiased result. When generating random numbers, the fundamental thing we are collecting is entropy. The first big thing that we do with the Taek’s Tornado is that we use 5 coins per bit instead of one coin per bit. If we want to generate secure cryptographic numbers by hand, we need a technique that is robust to both bias and also robust to correlation/patterns across coin flips. Under these circumstances, using the Von Neumann trick to generate a large random number will not result in a cryptographically secure random number, instead you will get the result ‘heads-heads-heads-heads-etc’. The bias is likely not static, and the coin flips are likely not independent.Īs a degenerate example, imagine a person flipping a coin whose thumb over time gets tired, and eventually they end in a pattern that nearly always results in the coin flipping exactly 3 times in the air, such that the resulting flip pattern is heads-tails-heads-tails-etc. In the real world however, the probability that a coin comes up as heads is not just a function of the coin itself, but is also a function of the environment and of the person flipping the coin. The trick depends on the coin flips having the exact same bias for each flip, and also depends on the coin flips being completely independent. Though mathematically pure, this trick is deficient in the real world. For all values of ‘p’, the probability of ‘heads-tails’ is equally likely to the probability of ‘tails-heads’, even though the probability of ‘heads-heads’ may be significantly different than the probability of ‘tails-tails’. The probability of getting heads-tails is p*(1-p), and the probability of getting tails-heads is (1-p)*p. The probability of getting tails-tails is (1-p)². Quick proof: the probability of getting heads-heads is p². If it comes up as tails-heads, accept the result as ‘tails’. If it comes up as heads-tails, accept the result as ‘heads’. If it comes up as heads-heads or tails-tails, throw away the result and start over. The technique is simple: flip a coin twice. Before I get into my technique, I want to cover something called the ‘Von Neumann Trick’, which is a strategy used to turn a biased coin into a fair coin. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |