Updates: Tyler on PowerHacking CSS to cutestrap your app in this latest episode!

Topic 13 - The Missing Parts 3: Randomness and Entropy


  • randomness and entropy from pure order:
    • distribution - linear, gaussian, etc
    • sequence (PRNG) / seed based, bad to good:
      • POSIX.1-2001 example from rand(3): multiply + add, save, stir
      • the random interface
      • PCG
    • true randomness (TRNG), “the assembly instruction”


and i'm like so high energy tonight i i
just i'm not even gonna let that get me
you see that 20 that i was showing you
earlier that that's a real 20. i'm just
going to cut to that
that's a real 20. i rolled that for
those of you who were here
that that's real i was like blowing up
when i was talking to jesse i'm like
hold on let me just roll real quick for
stream 20
yes totally excited sorry if i hurt your
ears there's like just gonna be
some crazy stuff tonight so what are we
talking about we are doing
randomness uh this is one of my favorite
topics in computers
in general randomness is wonderful
and it's random here we have jesse on
and oh my goodness last miles raiding
with a party of 35
i am really glad we sorted the audio out
before all you raiders came hello
raiders thank you
last miles last miles the first sub in
this channel
a badass in his own right i how do we
even do shout outs can we do shout outs
at the bot there last
miles i don't know is this yes all right
bots even working
okay let's let's just pick up the
randomness let's just let the entropy
like bubble up because we're going to
need it for this stream we have
issues here with how do we make
when we're talking about a computer i
mean everything is deterministic so
where are we going to
harvest this wonderful randomness from
because that
that doesn't come free that that really
doesn't come free so we're i'm throwing
the glove on because i think
i think it's time to talk we we are do
it i will say
entropy is one of my least favorite
words because
depending on what background you're from
it can mean
a whole host of different things so it's
like it's got so many different meanings
at this point that without clarifying
what you know what field you're talking
from it's it's almost become meaningless
which is a certain kind of irony it has
definite meaning here we're talking
entropy in the heat death of the
universe since okay so
let's let me let me cut over to the
white board so we're gonna
just find our whiteboard which of course
oh come on you don't want to do that you
you want to get the screen here why man
that just what a stream
this is a good sign it's just gonna be
one of those night you know what i don't
even need the whiteboard we're not even
gonna worry about the whiteboard
like let's just we can we could have the
whiteboard on the main screen so we'll
just we'll go with that because that
that that whiteboard just wants to
misbehave so
um that works so can i do something
can i just a self shoutout i am six
people away from
six thousand that's awesome all right if
we got six people in here not following
last miles help us out
help the wizard out he has some awesome
that were drawn by chess grand masters
and other
other great stuff so um you can i think
we threw the shout out in here
so it's already in that channel and if
you can uh
if we got six there then go grab it i
think i think the key to that last miles
we're probably gonna have to plug it a
little bit later when uh we get a few
more people in here so
um we will do that we will re-shout you
out because six thousand followers it
seems like a really big deal
all right so i'm sorry it's not going to
be heavy on the whiteboard because the
whiteboard is just misbehaving tonight
but we can draw here because this is
random and so
that that's randomness okay so we have
two types of randomness there's two
major topics we're talking about which
is going to be pr and g
and trng all right and the difference
between these
aside from a single letter and a corny
joke is
this is pseudo and this is true and this
rng is random number generation so
we are going to concern ourselves first
and foremost with
pseudo-random number generation and this
is all about doing some math
and looking random approximating
and this is all about generally
measuring something measuring
physical phenomena so this this is
typically like
you know the famous example from silicon
long live silicon graphics silicon
graphics is dead um
is the lava lamp so this is the uh
source of entropy that used to be you
could basically take a camera
and like point it at this thing and say
all right which way is the lava gonna go
that's gonna be random numbers so that's
this is this is a notion of like true
random number generation
so this typically comes from some type
of hardware not not
always but sometimes it's like just
misuse of hardware sometimes it could be
like you know in the
a long time ago in something called
pretty good privacy i know i'm sorry
last miles rip
rip silicon graphics i i miss silicon
graphics um
hey what's up i'm nom nom and uh
excellent name
i i'm not sure if cloudflare is still
using lava lamps but we
we might actually have to build our own
entropy source i'm not
i'm not sure so this is this is our last
in c is an additional language this is
part of this is the missing parts series
um for those who don't know this is like
the full syllabus here we're
just we're here in topic 11. uh topic 13
which is lucky number 13. lucky number
13. this is this is basically it for the
meat of the course and the next session
gonna kind of just wrap up and go over
what we learned and you know we've
we'll have a freshly minted c programmer
so um
i don't know about that but i will do my
best we'll join
the ranks here let there be tornadoes
the last crazy i don't know
you know that wasn't in twister he had
like a sgi
laptop all right i'm totally get that
that's a discussion topic
that for the drinking portion that's the
drinking portion later so that that's
let's just silicon graphics pour one out
for sgi okay that's that's like a
totally different
mindset okay um so i
anyway pseudo random number generator so
so true random number generation usually
have to do something physical you have
to digitize it in some fashion
um you might like in pgp it used to be
with uh inter key stroke timing so if
you time to like the micro second like
every keystroke and you type a lot of
keys like
the delta between keystrokes is kind of
random you can you can extract a couple
bits of entropy from that
and here i'm i'm hand waving entropy
entropy here we're just taking as
sort of like how random is something you
know like how
how not deterministic is it
so okay um now that's not that's
so we don't really have to worry about
that too much tonight because you're
going to be coding up
a pseudo-random number generator all
right and how do we do that
typically coding a pseudo-random number
generator takes two phases
you usually at startup seed it
so this is gonna be like the basis
of whatever number sequence you're gonna
you're gonna work with and typically
this is gonna be sort of deterministic
after that so if you use the same
seed you can get the same set of random
numbers in the same order
and then you're going to have something
which is actually like sampling it
and sampling it is really you know
typically this is like you know give me
a random number
and that is all about
basically taking the seed and storing
some internal state
about like you know what we were doing
what we've done so far
and doing something to it and then
popping out another random number
all right so pretty good right i think
so all right so
in here we just have to do some math
now that sounds a little hand wavy i'm
gonna i'm gonna throw that in
air quotes for you just just to extra
hand wave it but um
god the some math in by the way in your
first version of a pseudo random number
the sub math is totally up to you so
you're you're going to invent your own
random number
generator okay i'm going to give you a
very famous one
some math is my favorite math some math
best math okay
um that's like every paper i've read
today it's like
oh yeah then some math all right you
start off with these initial conditions
and then some math and then random
numbers okay so
that's basically what you're going to do
now okay
how do we sort it we're going to talk a
little bit more about what good and bad
and that's going to be the quality
segment so i've got that kind of broken
down as the third
topic but um let's just say at a high
level um
just very quickly um what would be bad
for random numbers
i mean what do we want with random
numbers like at a high level
random yes we want randomness right so
it's a trick question no it's totally
not we just want some randomness so
that means that like predictable
yeah and easy to spot
sequences and see things where i can
easily go
forwards and backwards
that's these are all bad right i mean
these would be
like the description of like a terrible
random number generator
like if i could just look at whatever
number and know what the next one is
then that's not very random
and if i can look at a given number and
i can go backwards and say i know what
you had before
and i can attack your crypto keys and
get your getting your base
um then that would also be bad um so
we'll talk about a little bit more about
that later but
um i'm going to give you the randall
random number generator i'm going to
start you out just just because i'm a
helpful guy
i'm some coding guy i'm some helpful
coding guy tonight
so um for those of you who are new
raiders uh
everybody else this is uh the multi-user
pad where we both of us get to type and
mostly jessie's gonna be typing so i'm
gonna type a little bit just tiny
tiny little bit so let's call this the
the paradigm and of course now for
random numbers i have to implement
generally both of those things i need
some sort of
seed and some sort of like next random
okay so um for our purposes we can
usually refer to those as
seed the random number s rand and
rand get the next random number and
these happen to be the function names
that are
typically involved in c okay this is in
the stock library
so i'm going to call this one just to
get you going
the um let's go
randall randall monroe
is it m-u-n-m-o-n-m-u i want to say
that's that's terrible let's just let's
just find out actually you know
it's i even have it right here so i
don't know if he has his name
showing but no randall
no embarrassing
randall munroe let's go with the u first
it is a u alright sweet all right cool
that is a natural 20. i'm telling you
all right
randall munro
seed and let's just do pass in some sort
of numbers
so let's look we're going to we're going
to simplify tonight so we're just going
to keep everything
um you in 64s so we're just going to
assume normal size for 64-bit
so and this will be the seed number and
we pass that
in and we're also going to write the
and this will just pass back the randall
monroe rand so this would be the randall
s rand and this would be the randall
monroe ran
chat don't spoil it and this takes no
because i just want a random number back
okay so the xkcd wasn't a joke no
it was chosen by fair direl so
that's that's legit okay that's that
how do we know that this sucks
so despite the fact that this was
randomly chosen what properties does it
i mean it's predictable it's predictable
to say it's basically it's it's the
trifecta of bad
ranks okay which is now he's trolling
obviously but
um so that would be that would be the
first one i'm some helpful guy
so that's that's oh wonderful thank you
for you i'll just i'll just i'll just
run it for you um we'll
will randall monroe strand this
with uh with 10 just just to be ornery
and we're not even tracking our internal
state we're just we're just throwing it
out i mean that's just
terrible right so let's just say that uh
uh 64t uh first num
is this thing and let's just print it
so look at that this is all the coding
you're gonna get out of me tonight so
oh god we're gonna call this uh a ul
because it's a ull ull or ul on this
i always forget um so that'll be
the first step okay we execute it
and no no no it's not
dyslexic moment all right so let's let's
clear that
let's get our let's get our specifiers
right okay there you go
the randall monroe number generator
that's that's your first one
okay that is significantly less helpful
than i thought
so oh man you know that's a great
suggestion from last miles i should
return a 20 because i rolled a 20 but
anyway um so four and then we'll say
for some value of 20. all right so um
mathed it up so there's there's some
math and it's right okay
um so go ahead
give it a go give me some random numbers
okay all right so
so is this one of those things where i
should go off and do some coding and you
talk to chat
and then no no no no no i don't need to
get are you going to look over my
no no not that complicated we're just
i'm not asking for like a particularly
good one just just
let's start somewhere so
and by the way for your first random
bespoke chunk random number generator
let's let's say that it's like die rolls
and it's going to be
a six-sided die or we could use a
20-sided die uh for
uh last miles in reference to last miles
comment so
let's say that it's numbers from zero to
nine oh crap okay
i had something planned all right uh oh
did i ruin the plan
do you really want a six-sided die first
because no no no no no no no no i
was thinking of like i have one i have
we're we're good
if you need to if you need a d6 no no
you're you're totally fine i was
thinking of
um we got d6s like
all day like this is so i mean if
there's like
i will start out with with bad okay it
will not be good but i have a cool idea
but it would take a couple of minutes
so let's just say that we have this seed
all right look at all this d6 action we
got going on over here
we even have like a proper and you said
yeah no no you're doing d20 right
i don't want to spoil this beautiful
roll that i just did earlier so we'll
okay hold on no nathaniel bumper we're
not doing a mercedes twister
okay so
macgyver's trolling a little bit too
because uh
we we both love the python but we're
doing c tonight so
ran chunk
hey by the way nathaniel we're going to
give you better than a mercy and twister
i mean so that's already random right if
memory was initialized randomly
yeah well let's try that one out what do
you think of that
okay um
so here i'm going to change
this i got a little bit of a big kappa
i got a big kappa coming for you
so there you go you're returning 10.
it's pretty much always 10 okay so so
random nut or not predictable easy or it
is predictable
it's easy i'm gonna get rid of this
randall monroe
seed because okay i don't feel like
that's helping you
and we're gonna just go ahead and oh
look at that
what there we go what happened what
what they're they're different all right
so actually
this is a pretty good random generator
just for reference so
yeah i mean you could you could like you
could write
so so it's it's just um it's it's the
memory address of where chunk is right
where it's like whatever's in the memory
exactly previously
where it's initializing chalk so gcc has
kind of a couple modes one of them is
you can say like
pre-clear memory you know linux has
modes it can say pre-clear memory that's
being handed out for allocation
depends on your memory allocator we
wrote chunk alok
if you chunk alok then you get kinda you
actually zeroed it i think at first
but in this case like it's you're just
getting whatever happens to be around
i mean that you don't know what's in
that memory maybe i'm revealing like my
password and i don't even know let's
let's get rid of that like
maybe this is like like like revealing
entropy here so um
yeah i mean one other like fun little
allocator we could do is we could
like return an address i mean
we could we could just say like let's
let's let's give ourselves a pointer and
you know just get that number
is that crazy i mean like because you
don't know where this thing's going to
land in memory right
yeah it's so it's not it's not terrible
i mean because it raises the question
though how how is it chosen
how is the next chunk of memory
you're sort of grabbing whatever happens
to be sitting in memory so you're using
environmental randomness from the system
you're sort of harvesting a little bit
of randomness from now you don't know
how the system's running so like if the
system is like
in a acting in a very deterministic
fashion or if an attacker can make the
system act in a deterministic fashion
this is a bad random number generally
okay but
in this case that we just saw it's not
bad you know
it's probably like linux is probably
handing out consecutive chunks of memory
so you know we probably want to
randomize like how much memory
anyway so moral of the story like not
terrible all right but let's get let's
get a little math in there let's
let's actually initialize some variables
what i had actually wanted to do so let
me think about this
and by the way rand doesn't get to have
its own seed so if you
if you want to seed something you got to
follow the posix convention and
put it in a separate function okay um
let me think about this um
i like that one last miles
um because i was thinking about like
essentially if
right the way that i'm thinking about it
is that
if we are just trying to approximate
then the more
like the more complicated a mathematical
the harder it is to be predictable or
it's probably harder to spot what the
pattern is
yeah exactly yeah um and especially if
you use like
uh more like stepwise functions or
functions that have like conditional
kinds of out uh applications then it
would be
so you do some bit-wise stuff in there
to kind of stir it up a little bit
yeah i mean because obviously uh that's
that's gonna come into it but i'm trying
to think about
yeah so start off with what you were
just saying those are some great ideas
but you took away my seed uh
you can store the seed you can have the
seed back
all you need to do is write a seed
but it doesn't return anything no
all it does is initialize internal state
that's the point of seeding
okay so so here i'll give you a little
internal state
all right so the simplest seed function
would just be
eternal state guess
seed okay okay so now you've got
something to work with for internal
okay so let me think about this um
let's make some variables that i can
mess with oh by the way thanks for the
nine null nine um
but but whoa i missed a few follows i'm
matt fisher music links kernel image
all right and a
kingly gift of a tier one sub thank you
last miles
you got an emote what i can no what
what what does this mean hyper rev what
got some emotes tonight it's a hyper
slam what even is a hyper i don't know
what that is i don't
but that's awesome it's cool
sweet that's random so you can actually
harvest like
twitch chat that's a nice source of
let's not do network code all right so
yeah give me some pure math i mean start
off with some simple math and we'll get
so i guess where i'm struggling is that
i want to be able to pass it a number
like a starting place
no no the point of this function is so
no no so starting place that's seed
right i mean that's done in a separate
but the point of a random number
generator is you ask for a random number
it gives it back to you so there's no
argument that you pass
i know i wanted to like that's otherwise
that would be like do some math to this
i know okay like i just want to do math
to the number
well you could do math to internal state
i guess that's true okay so
let's think about this um
you start to save new stuff happen for
your account oh
cool last miles thank you for the thank
you for the generous subs
and uh that's yeah i'm still kind of a
twitch new but what i can tell you for
new subscribers you have some of the
best programming emotes on twitch
from what i've seen of live coding you
you have some
wonderful stuff like this this is
not code that we're going to use to
refer to jesse right now this this is
some code that i was looking at earlier
i would describe it as a dumpster fire
and look at that oh i've gotta
i've waited through my fair share of
dumpster fires
let me tell you yeah dumpster fires and
that's that's
that's fine right this is fine and also
um don't no
don't use a reg x no regex parse
i really i really like the dog with the
flame meme that just makes me that's
i i have empathy like a deep connection
with that meme
oh yeah it just feels like life so okay
so what was i thinking about doing here
give us a little bit yeah i'm working on
it math up some internal state
i'm working on i'm trying to think of
like something obnoxious here all right
i want to so i wouldn't go for super
obnoxious because we got a lot of
material to get through
but but i like being super obnoxious um
let's do this oh bsd damon that's
i used freebsd for a long time it speaks
to me last miles
i think that's why i made the jump to
gen 2 because you know
ports portage that's that was the kind
of linux that i needed
that's that's great last miles i'm a big
fan of freebsd
i think if it wasn't for gen 2 i might
not have come over to linux
yeah there you go some things
um okay and then let's see then
why not that sounds good there i did
random stuff
all right so start that hit it a few
times um
no cause hold on this can't get past
anything now
um and we also need to capacity seed
uh yeah usually you see it at like
startup time and you know random numbers
happen wherever in your program
can i just kind of pass it doesn't
return anything right so can i just do
like that and
pass it something or is it going to poop
on me no no you're good
um paul blart just cracked me up right
hey okay except those are not the random
oh cause i have to change yeah this
so it's only good as you're as good as
your seed um but
let's let's not worry about seeding um
let's not worry about separate runs
right because those are always going to
be the same
based on your seed we want the run to be
deterministic so if we
if we give it a given seed we always
want it to kind of go through the same
that's that's a good property so that we
can reproduce things later if we want
um but i mean your pseudo
random number generator is only as good
as your seed i mean if
you if your seed is always if your seed
is well known and baked into the code
basically a garbage random number
generator no matter what math you do to
fair enough but the issue that we're
more worried about
is what happens if we do this like five
you know we take this and we do
something like that
and then well if it has the same seed
then it's just going to be the same
right yeah which is not great for like a
given execution right it's okay that
like it always sort of starts off at the
same place with the same seed
but it's not good that every time i go
to your random number generator i get
back the same number
i mean that's the same as returning four
right oh hang on i've got an idea
okay last miles absolutely and don't
tell her that
beer from austria nice i want beer from
i want beer too so
last miles is beer sniping us while
we're trying to nerd
snipe ourselves
okay um
or seti thank you for the follow
appreciate it
what what's sort of the issue with
calling rand chunk in this
in this program well so it's always
going to yield the same number so i was
thinking about
having some conditions in there well you
don't need to have conditions in there
they're going to return the same thing
because see you know your internal
state's always the same
well so
so what's important every time we return
a random number i mean it should be
uh-huh so how do we get it to be
different keeping your same math
i mean and not changing the seed
well seed only happens once it's
start-up time yeah
but we can change internal state
um what do you mean
what if i added a line to your program
every time i run this take internal
oh i see what you're saying add one to
yes okay i see what you're saying okay
so if i run that
i'm starting to get some different
numbers now the issue here is these are
they look like they're kind of they're
incrementing they're monotonic you know
yeah there's sort of some some badness
happening in here so i don't really want
to add one to my internal state because
that's going to make it kind of
so what i want to do to my internal
um the entropy term for this is i want
stir it okay
randomness has such great language
so obviously like a more complicated
operation than just adding oh no this
this oh yeah
this line yes like line 17 sure yeah
this is sufficiently complicated what
you got on line 15.
but we want to do something complicated
to internalize yeah we want to stir it a
little bit
okay um
sounds good to me
okay yeah let's take a look
random operations whatever's in my brain
all right um okay i'm working on it
okay what's our issue now now it's just
getting enormous yeah we're getting big
so let's
maybe that aha
which would okay it's still getting but
we're still doing that increasing
so um
we are stirring though yeah let's see
stir it a little more oh
whoa what's good last miles knock it off
you're killing me with your kindness
here thank you
so much
appreciate it nathaniel gets some
awesome emotes to use for
programming humor and satire
let's see first let's see maybe i need
to make
okay so that's the okay that goes back
down right yes it goes back down
that's what i'm actually gonna like
let's see if we can just like
yeah mess with a little bit okay yeah
okay so i'm thinking like
sort of like season to taste stir today
by the way loaf bone did i get nc's
level right this time
i had to do a quick change is she a
little bit low
it's still getting large
maybe seem like okay
race a little bit hmm
i might have just started mumbling off
though so that's okay i i just
okay i bumped you up a little bit
oh wait wait oh no that wouldn't work
never mind
nope nope this is sea land
okay um
i mean mod is a pretty good way to go
yeah i like that
no whoops oh because
that's awesome last miles i appreciate
sharing the love
live coding um
so this turns out to be a little harder
than we expected huh i mean so
they're getting more random it's just
they're getting too large so
i need to like you need to just keep on
stirring and keep it but i mean
here's the thing i think you got the
idea i mean yes
i do like this is a this is pretty fair
like maybe sometimes you want to go up
sometimes you want to go down
maybe use the last bit for that i don't
know who knows
like how you want to stir this but um oh
i have an idea hold on hold on hold on
hold on
so nope i can't do it that way i have to
a little poop never mind no i don't want
to deal with that
like we know it's evenly distributed and
bonk if it's even we
go up but if it's odd we go down yeah
you could put a bunch of like conditions
in there and we could jazz it up all we
want i mean you got you got plenty of
operators to start with but
i mean the idea is that you're sort of
like tuning it you're looking at the
output you don't know what the seed is
going to be and ahead of time right so
what we want is we want to perform well
no matter what the seed is that's given
to it
all right so it depends you know it's
like one of those things like we
there that seems to be behaving a little
bit better with a larger
c i mean again like so this is like
something when we start testing our
randomness this is like
some of the factors we're gonna have to
incorporate when we do ours
okay well you feel pretty good about
that right
yes okay well i am going to show you
um okay so that seating
what we could do to kind of analyze this
is we could
run a whole bunch of random numbers like
not five like
50 like a thousand million
i mean we can run a whole bunch of these
and start looking at the distribution of
yeah and if we sort of pull that
together like we should see kind of like
an even distribution we don't we don't
want to skew this
we want to see that it's like kind of
you know stuff is getting spread around
and it doesn't seem to be following any
sort of patterns
a shortcut to do that is called
a rando graph so basically
it's the same idea as what i just said
but rather than bucketing it putting it
into a
histogram histograms are cool but you
know sometimes histograms are not cool
sometimes you're tired of looking at
so okay maybe you want to look at a
little more graphically well what you
can do is you can choose two random
and you can use that as an x and a y in
a picture
okay and you can look at the pattern
that emerges
okay well that's okay that's a
randograph so
um we we're not gonna do picture
generation tonight i don't want you to
code that much
we have not done anything with
visualizations yet at all
so a little bit evil but um if we took a
quick look
at the psp pcg paper which we're going
to get to a little bit
later here's a nice little
implementation by the way if you
can see the screen this is a really
nice random number generator and you'll
notice it looks kind of like yours
you know it's it's taken a big number
it's taking some state it's adding some
it's shifting some bits it's ore it's
xoring with something it's shifting more
bits it's doing that
it's playing around so basically it's
like just a bunch of math
oh a shift would have been a good idea
yeah so shift circle like that
shifting by a random amount is cool
shifting the other way by a negative of
you know i mean so like you know they've
basically been stirring
and by the way this is years of research
like this this did not
just happen right oh yeah i got close
so you were actually kind of getting the
idea pretty fast in just a few minutes
but like you know when you start
studying and you're looking at the
distributions and you bring your data
science mind to it
you'd spot like some of the problems
with this my data science brain is
out out for lunch that's so totally fine
um too much too much data science today
there's a nice
uh paper actually we'll get to that
later we're gonna get to that later
too there's a nice paper not from nist
which of course i don't have handy here
but let me uh yeah i threw the link away
of course but
um it's
it one of the things it does is sort of
like tracks pcg and sort of like
which we're going to get to in a second
um and it looks at like
how distributed it is and like you know
how it deals with those various
properties that i just said and it makes
some nice randographs
so um let me let me just look real fast
if i got it
so i have read
an absurd amount of papers today oh
don't worry interestingly
i'm trying to think if like
there was something with with randomness
that was so many hours ago that
it's been overwritten my brain is like
some kind of ah that's totally
circular buffer it just gets overwritten
yeah they actually there's stuff
they have a paper uh let's see
is this the paper yeah this is totally
the paper harvey mudd cool so if i just
gonna jump down a little bit
there you go if you apply the technique
that i just mentioned
this is how you get a randogram
so cool this i'm sorry for the people
looking at this on stream because this
is the worst case for video encoding
so um it's literally the worst case for
video encoders totally random data if
you're interested um you can go take a
look here at the link
but basically this this is sort of what
you want to
you want to see the middle
here but you don't
want to see the left right you see a lot
of pattern here on the left and again
this is generated exactly the way that i
just described it's like the
you pick a random number for the x you
pick a random number for the y and then
you plot a point
so if you do that for all the different
entropy sources
like you can see very quickly like bad
good totally random right so white noise
would be
awesome right you know but that gets a
little bit into distribution which is
something we're going to talk about
momentarily so um that's
that's a randogram randograph um
so i can show
well we already just saw like really
briefly um
i like that they put up on pcg
they put the very oops
they put the totally minimal you don't
want to download a thing
implementation of the algorithm
and it's right here and we can because
it's apache license we can actually use
thank you apache license um so it
doesn't include
the seating so basically we would just
have to seed this ourselves they have a
nice clever way of doing seating
which is neat but um just looking at it
it kind of works the way that what you
were doing right it takes
it takes some state says okay this is
where we started with our old state
now we're going to take that we're going
to multiply by this ridiculous number
which is hopefully
probably prime or some some special
property of this now it doesn't really
matter it's just that it's big enough
that it's going to cause
overflow occasionally so the number is
going to wrap around and come back
and then it's also going to add in a
little bit that it was storing and it's
in you know
in the internal state um so
then all we have to do look at this they
even commented it with this
implementation that's crazy right
um you can then take you can do this
we're going to calculate two parameters
this xor shift which is we're going to
take the thing and we're going to shift
it a bit and xor and shift it some more
and then we're going to do this this
rotation thing which is we're going to
shift it all the way down so we're going
to try to get a small number here
but still keep a little bit of whatever
randomness we had before
and then we're going to apply the
property all together and that's the
number that we're going to return so
we're going to take the xor shifter
we're going to shift it by
this small number of rotate so we're not
going to throw away too many bits we're
going to order that with
shifting the other thing and then we're
going to negate we're going to take the
the inverse
of the bits and we're going to do a bit
wise and with 31 which is not quite 32.
so it's going to just take the low part
that's a that's another kind of shifty
trick shifty
you told me there would be puns i told
you there's gonna be some puns i had to
get that going somewhere so there's
gonna be a little shifty trick there and
then we're gonna use that to shift this
the other way
and we're gonna order them together and
that's that's a pretty decent random
number i
think so why don't we try a quick
so a lot of you are questioning i'm
gonna run this thing
okay so
like obviously there would be there
would be a lot of perhaps permissions or
whatever issues that that you would have
make or like navigate for this but if
you could access
like a some kind of like hardware
property like
like the temperature or
something like that i love you brought
that up because that's because
okay all right because then you're
you're kind of this is why i said
entropy in the heat death of the
universe sense
because i was thinking about like the
only real entropy rate is observable
physical phenomenon
and so how can you do that well
observe some kind of hardware you need
physical attribute right
basically you need a physical phenomenon
that's the dividing line between
pseudo-randomness and
true randomness but one of the nice
things about pseudorandomness if i know
what it's seeded with i can reproduce it
yes so that's it's nice that it's
deterministic it's also terrible that
it's deterministic because that's
sort of depends on what you're using it
for right so that's why we want these
properties but we know we accept
up front that anything we do for
pseudo-randomness can't be
truly random just by nature but if i
take this seed and i just quickly stir
it up i'm just give it some state
we'll just say that this is like five
i don't know this what else does it need
is this ink so we'll just say
c dot inc is gonna we'll just start it i
will start it at one just to be ornery
um there are four because we use the
randall monroe and uh we'll take that
and we'll pass in
seed then we should get back a number
which is
another sort of u n 64 t and this we'll
mystery because it's so random okay and
we'll just print out the mystery
is and then this is going to be what did
we say was lu i always mix it up ul
l u it's yeah l u all right
lu i always say i'm glad compilers tell
you nowadays
okay and this is gonna be this is
yelling at me because it needs to be a
pointer so i'm gonna remember to
pass that in like so and
stuff happens okay so um
i probably took down our execution
environment which is cool
so oh
boy yeah oh no i think we did it
that yeah that's that's just a little
okay now it did come back okay um
so no
this undeclared identify what i did i
oh because i commented out the c
no don't do that okay so
run this and i think
i think the instance is still up
it is but it's really struggling so i
must have done something that's not
happy about
oh that's like story of my life
what did i do to it what what happened
to you
you could have been a contender
oh goodness
steve this guy is fun and funny and
learning oh i totally am missing stuff
happening here
oh cannot allocate memories sweet okay
so the chonk aloc
we just ran out of memory nice
that's a solid win right there so we're
we're gonna just hand wave the rest of
the pcg and say that it works
when you don't break it
um so i'm gonna kill that real fast
and that's gonna cause this thing to go
crazy and then i'm gonna bring that back
real quick
which is like so okay
so multi-user pad back in operation
let's not run this program as it stands
okay so i'm gonna just kick out the pcg
we're gonna save that for
later um
all right so that's by the way in
as you can see when i get it right in
just a few lines of code
you can get some nice like stir you can
get some nice internal state management
and that's all pretty cool um one of the
things that you
was it your yeah i no i think yeah i
think there's a loop that's going on in
there that was
that was misbehaving i'd have to analyze
it later i'm joel i don't want to bore
everyone with that
um so what what is five emotes shared
what is going on oh
last miles you were there's more there's
more gifts there's more
there's gifts are happening there's just
there's just a shower look at that bsd
devil that swells has that's awesome
steve the kicker of the hornet's nest
jitter entropy does this
nice okay well sorry i'm getting totally
lost here um
so let's um
all right so you feel pretty good about
prng right
yes all right so and it immediately
brought you
to a new thought and i want to follow
that thought for a little bit because
you were wondering about how do we get
some sort of hardware
stuff mm-hmm right but before we get to
that what i am going to tell you is that
like i told you in the earlier example
starting off with sort of pgp and they
were looking at like enter key
timings that meant that like back in the
day when you were generating a pgp key
it used to say like okay bang on the
keyboard a lot
okay and you would sort of like it'd be
like how much entropy have you collected
like you know no you don't have enough
for a key that makes you just be sitting
there like then eventually they added
mouse inputs you're like
i'm trying to get enough you know it was
just kind of insanity so
like at some point some clever uh
os dude i'm not sure if it happened on
freebsd first
uh i i feel like it might have i i don't
but um somebody came along and said you
know what's really good at doing all
this is let's let the system do that
just sort of like always collect this
sort of like background
free entropy you know so like stuff like
for example banging on keyboards
moving mice things like that um and
generally looking at any interrupt now
so you would even look at clocks like
and say like okay the real time clock
and have the processor clock measure and
the processor clock's very accurate the
real-time clock is
has ntp referred to it a time of day
it's time the funny thing is like when i
was thinking about that
i wasn't thinking about like keyboards
or or mice or anything i was thinking
um telescopes
actually and so how the
quote-unquote random interference
created just by the like the ccd
and the the electronics that are working
causes a kind of
it it it's random-ish but it's it's
it's a kind of noise that you have to
filter out when you're analyzing
astronomical data and so
i was trying to think of like as an
astrophysicist you're perfectly suited
to think about
natural sources of energy for randomness
right like all that stuff that you're
filtering out like you don't filter that
out you save that that's artisanal
randomness that is like 100 percent
home grown organic random organic free
range random
you you take that from the environment
you keep it you know you you stir your
internal pool and you just sort of keep
that around so that that don't throw
that out that don't
i'll send you my dome flats next time i
know you spent all this time
pulling this noise out but that that's
the good stuff right you know
that's you gotta keep that okay so i
know sometimes you wanna like actually
like do something that's fine too you
know but like you know sometimes like
keep that
keep that stuff yes totally
um so yeah i want i actually started
building a website where i was i was
thinking of like a long term troll on
stream was i was gonna sell
free range randomness and then i was
like you know what like figure out how
to stream first and like come back to
that life so i actually have gotten as
far as setting up like a square square
like selling and i had my first sale and
it was a pain in the ass because i
actually had to like report
taxes for their sales tax in connecticut
so i actually had to like oh i do not
miss it i had to file
like i was like i was like oh my god i
don't want to sell randomness anymore
like just filling out the taxes for it
but anyway um so
we're going to get into the black market
randomness on this stream so
um right all right i can hook you up
so um that's and
really fast we're going to just borrow a
modern version of that because we're
running on a linux
container here so we can actually pull
that there's a very well-known device
because like i told you on unix
everything's a file so
there's a well-known file you can open
up and it's called
dev random and it's not so cool
as sibling i don't know you random which
is um
and and these two are like sort of
related um sometimes they're actually
implemented the same depends on
the system you know the version and the
choices that people make
but um yeah hey kid i love
steve hey kid you want to buy some
random numbers
i got any one of those coats like i got
something i just was typing that is like
that like creepy trench coat like with
all the watches
it's totally awesome but it's randomness
so anyway uh this dev random file is
sweet it's binary you can open it up and
you can just pull some randomness out of
it don't starve the system so please
just read just a little bit of
but do you remember how to read on a
binary file so we did this
a little while ago oh god uh
maybe okay oh god it's been a while okay
hold on uh
let's see so like
right right hold on actually um how much
of this can i remove
uh i mean it's just how much do you want
to save i mean i'm fine with you
removing all of it if you want
okay yeah we've done our pseudorandom so
we're getting we're moving domains here
and yeah last miles i do think that it
originally did start with freebsd maybe
maybe steve or
when you guys could comment on that i i
feel like i saw that on freebsd
it's just been a while so i i don't
but i do feel like that random oh and
thank you asdf monkey
uh for the follow i appreciate that
oh and steve for the fall i missed that
as well and perel cobra
and fizbly twitch what's going on here
tonight this is so crazy
you roll a natural 20 last miles feels
like raining magic happens
old old bsd okay yeah i do feel like
that started on bsd i feel like linux
picked it up and said hey that's a
pretty good idea uh
crap what what was it was like like
something dev something
like uh yup devren
uh don't slash that it's a real fun
an accident uh and then we want to
read it and it's binary that is right
i'm gonna give you a buy and have to
worry about return types you just just
assume that everything works yeah yeah i
wasn't gonna because i do remember us
going i'm gonna give you
one minor change i'm gonna open you
random and the only reason i
am is because the difference between the
two is random kind of guarantees that
you're going to get true randomness like
well as good randomness as it has
you random says just just feed you
randomness so
like it never runs out even if the
quality of the randomness drops so
you know we don't want it to block for
stream so we'll just we'll use it
so here i think we need hold on no last
miles we're not checking
return sheet i've done that before
um so don't we need a buffer right
to read some of this stuff into yeah
except you can actually just use it in
because if you just read an int worth of
it that are you
in 64 worth of it that's fine i'm trying
to remember how to do
that um hold on i know it's f read i'm
trying to remember it's like first time
i think the middle thing is the size
so oh thanks steve
uh oh it's just
interesting and then the file i remember
that what what is good
vbst 2.2 was like my first freebsd
i still have the cd somewhere i have to
dig it out i used to hang it in my cube
at uh when i was at netflix and
there's a lot of freebsd people at
netflix so they'd be like cool
um oh wait is that just i think this is
the thing that i got to put it in right
it's a buffer uh i'll get it i'll give
you the man page um
sorry it's been a while no no no no i
don't try to remember you don't need to
remember anything that you can find in
the manual
um okay so that's it thank you
all right so it's a the size okay that's
um and then
number of members okay and then the file
all right let's not don't use language
like that in here last miles we don't
want to talk about sco and what happened
the sko period
the shakedown from the sco organization
sadness came to santa cruz
that's yeah that's totally uh sco
uh paul is um so it became
they bought a lot of the rights the
original um
some bad stuff happened with unix
it's a long story there was for a long
time you couldn't use the word
unix and then there was like kind of the
shakedown from sco
trying to demand like they're like we're
gonna get you later if you don't pay us
some licensing fees
for that unix you got over there in
yeah it was it was a dark time for unix
bsd and linux eventually sort of plotted
a course towards
free and the rest of us were allowed to
use unix without
paying crazy fees i'm
grossly oversimplifying the unix wars
but that
that that's just dark topic
the battle days but 4.4
tahoe can i get an f in the chat for
that come on i mean that's
i'm gonna throw i'm gonna throw that
down myself that the 4.4 tahoe release
was awesome
i have no idea what i'm doing i don't
remember this i'm sorry i'm like trying
to piece this together
uh it's been a long time um i think
that's okay
bad stuff happened open solaris f
no regex nice ccv
that's a great handle
it was made by the community come on
okay so that's not a big deal l
n o oops okay whatever
now it's pooping itself okay so i didn't
think i did it right
i don't i can't really remember hold on
is an array here yeah so
you don't necessarily need to read in
you only want one right
i guess so yeah i grabbed extra in case
you wanted me to go through
let's make it so that this thing crashes
if we you know sort of
oh hope it crashes so we're going to
take thing and we're going to turn it
into a pointer
yeah okay and size of thing
that's cool that's the size of one of
them and
the neat thing about using the variable
name is that you know if you change the
type later
this code will still work um you're
going to read one of them from the file
and then you're going to dump out not
buffer we're going to dump out thing
so yes let's go and this is another one
of those
l and i'm going to do that again
so um if we get that right cool we get a
number so
actually you're basically on right so
all i did was i just switched away from
using the buffer now we used the buffer
in previous cases because we were mostly
working with
uh eight bit data um so your your notes
are gonna mislead you here but
okay uh but basically we can read from
this thing and we're getting some nice
random source and that's basically
the kernel sort of like collecting
entropy on our behalf and saying all
right i'm going to stir
the internal pool and here's some stuff
and it's it's
it works pretty well and it can combine
different sources
the modern version of that is pretty
long and this is the piece of the linux
uh that generates the dev random device
this is an example here so you're
actually you've learned enough c that
you can read this now
so um the one additional thing that
they're sort of doing is you know
they're gonna
they're gonna okay so there's trace
point here so you have to worry about
um they're gonna they're gonna cha-cha a
little bit which is a variant of salsa
this is about um they can do both
yeah they do not want to return the
internal state directly because that
would let you kind of if you knew what
the function was that would let you
guess future values so instead they're
going to take the thing and they're
going to hash it
and we covered the hashing in two topics
ago so
yes it turns out cha-cha is a pretty
nice hash so they're going to use that
to sort of like
hide the internal state and they're just
going to let some numbers through okay
so that's okay
that's the gist of that it's going to
pull out some random number-ness
and it's going to mem copy it into
wherever you passed in
and then we're going to make sure that
you can't go
backwards and protect ourselves you know
so that you can't
we don't want to be able to look
forwards or backwards and we're going to
zero that out just to make sure that
anybody who's being naughty
is going to get some zeros
so that's um that's actually this is
from the dev random
implementation in the linux kernel and
you have learned enough
c to start reading the kernel
this this is a big deal there's
more comment in this file than like
code you'll see a call out here to
pretty good privacy that's pgp
phil karn um this is a long story we'll
get into that some other time
but there is a ton of stuff in here that
you can read about stirring pools and
entropy and all sorts of other fun stuff
um i'm using the version on github just
because it colors it nicely for display
so it's pretty it's basically what
you're saying
it's pretty it sounds it's okay you can
say it's okay
all right uh yeah now we saw p
we saw pcg so we've seen what a high
quality pseudo-random number generator
we've seen one that collects stuff about
the environmental noise that's cool
so that gets us to the second part uh
which is really true randomness
so that's enough of that pseudo
randomness right we're we're done with
like junk randomness we want we want
lava lamps okay
we want like that thing to be like a
lava lamp with a blob
and you know where is this thing moving
next okay so that's true stochastic
number generator
yes truly a stochastic process of some
sort so
we're talking about trng and um
and if you just drop the r i keep
thinking sorry i could think of star
trek every time you write that
i can t oh i'm going to get into a
licensed pro
no i didn't write it i didn't write it
gene roddenberry i'm sorry um
anyway moving on trng
so what do we do with trng well the idea
is we take it from the environment so
something physical
and that's our most common way of
doing that so we have some sort of
physical process going on which is
represented by this box
which i'm just going to call physical
process and
it could be a lava lamp it could be
stardust getting formed it could be i
don't know is there star dust any forms
i can't even talk like that okay it
could be things that
can link you about that's um you can you
could be
astronomical in where you're gonna i'm
gonna i'm gonna
pun the hell out of this okay so um
we're gonna we take some sort of
physical process
lava star astro like
people joining in are like what
um so we're gonna take some sort of
capture device and i'm going to turn
sideways to write this so we're going to
do some sort of capture
this is some sort of adc
type process this is an analog digital
conversion of some sort
so we're going to capture that in some
adc process and we're going to spit out
some bits
and this is going to be we don't want to
we don't have to worry about re
revealing internal state unless the
physical process has some
sort of you know repetition to it which
would be really odd
for just about any physical process but
um we could take that and we could
with it or you know whatever we want to
do if we want to hide some more details
of the internal state but
not really that important so i'm going
to leave that alone we're going to take
these bits and we're going to feed that
well it turns out intel got clever um
a little while ago and they said you
know what we're going to add that to
intel processor we're going to make an
just for you oh
and that instruction is the rd rand
instruction was introduced a little
while ago it's basically available in
just about every sort of modern intel
processor you would see
um you might the binary star was
nice oh that's just like if people are
interested in how stars form uh
dennis clipped that from my channel i'm
just explaining how oh no stars form
um yes by the way for those of you who
don't know um the enceladosaurus
is an astrophysicist part-time c
coder by night but you can check her out
data scientist by day data scientist by
uh so let's let's throw in uh
i've not been streaming as much lately i
need i need to
i'm sorry i'm sorry dear friends i i
can't even
spell i have too many jobs right now
let's just throw that in there and say
that that's a shout out okay cool so
i close enough so i have a nice yeah you
got it no
no i have a genitive problem there
because your enceladus saurus
is um so we got we're gonna need
use of the apostrophe in the next
version of this box okay um
so anyway uh you can check out her
stream and she can tell you nice
physical processes that you can capture
we might do some bits and actually we
should do a little bit gathering someday
grab a little star dust grab a little
i don't know that might be fun okay so
we'll do some we'll do some entropy
so for tonight we're going to assume
that this wonderful instruction that
intel wrote
is totally fine i'm guessing that's
quite an assumption i
i'm it's so totally fine that i am going
to use this
wonderful emote that was written in
pixel format oh no
i know which one you're using yep okay
just this is fine
what could possibly go wrong with intel
creating a random number based on a
physical process
in code that we can't see at all
because it's totally non-inspectable it
happens on the chip die
we have no idea and this is the same
company by the way that
there was a release that they had a
hidden processor and everything and the
nsa is watching all of your computer
and everything else that's going on so
guess how many people in the world
actually use this instruction on a daily
absolutely right because we can't trust
it it runs
fast as give it like you should give it
like a sketchy fedora
it probably is based on well i don't
want to pick on the red hat people but
that's fair enough all right let let's
let's leave that alone for now but um
let's uh let's just say that um let's
pretend for the moment that it truly is
and it truly has no hidden
supervisor sub cpu that could probably
screw with it
but anyway and they by the way intel did
try to push
a bunch of kernel developers to adopt
this and there was trivial attacks shown
that if that instruction
happened not to be truly random how
screwed the whole world would be
but oh god okay anyway well um
that happened so what we're gonna do is
because this is your last c
class i feel like we're just done with c
i mean you know what randomness is
you have a hardware instruction that you
don't have any access to we're gonna go
it's time for assembly
we're we're going oh no i'm not ready
no we're we're done okay like we are
gonna go to assembly tonight because i
think you've seen enough of this boring
like that because we're basically done
with the language you got all the
missing parts so we're gonna have to say
i want a random number just like you had
like we're gonna go
chunk or we're gonna go bonk or we're
gonna i don't know we're gonna bonk
this one so we're going to take this
thing and we're going to say that by the
i don't want the optimizer to do
anything naughty to this so we're going
to we're going to try to get this one
i'm so sorry one second uh hubble is
screaming about something so one second
i'm sorry no that's random that's dogs
random number generator have dogs
you removed emmy in your x
230 replacing with core boots nice ccpe
uh some coding guy what about recursive
fibonacci or linked lists and red black
trees and
yeah so you're that i'm i view
all of that stuff as the next course i
see that as the data structures
and getting into algorithms course last
miles um
so jesse is totally interested in
um i think that we're just basically
kind of done with
c as an additional language at this
point she's been through all the basics
of the language
we didn't do anything with the
preprocessor but i feel like that's not
really basic c
to begin with um so yeah that's the
nice puppo okay so
why not oh i'm sorry steve i missed um
yeah why not that's probably in
reference to the assembly instruction is
i knew it was going to be something
crazy when i started messing
mentioning the rd rand instruction what
do you consider a basic
c knowledge what i consider basic c
knowledge linus
didn't invent all of linux is right here
i can actually tell you my entire
answer to that question this is what i
consider basic c knowledge so i'm going
to just link this
real fast in the chat this is my
syllabus of
free course i'm giving all this stuff
away of um
what i consider basic c knowledge um i
don't actually cover
absolutely everything like i don't i
don't mention
enum other than in passing i don't
mention um
some of the like you know bitwise like
strucks and some of the
more like obtuse parts of the c
standards uh but
i think that this is like pretty
representative of like
the kinds of see the kind of see that
you're mostly be doing
um well why not was in reference to i
don't want to pick on the red hat people
i i feel like they get beaten up too
much steve i
i know some people i mean then they had
those layoffs and then ibm acquire
what was like i guess last miles could
probably talk about that a little bit
um oh and by the way radic uh nilika
thank you for the follow
appreciate it um yeah i so by the way
i'm stirring some entropy over here
uh we're gonna you're back so we're i am
i had to there was possibly a cat
possibly just a person
possibly nothing who knows yeah it's
so this is one of those things like so
the way this is hard to read
in the gcc manual which i had to look at
like five times before we came on here
you always know you got the gcc tab
because it's got this crazy pink
icon so basically when you're doing
assembly and you want it to properly
interface with c
code the hard part is how do you get
stuff in and out of assembly because you
don't know where the compiler is going
to put things at registers
and you don't know if the optimizer is
going to change it so anyway there is a
defined way to sort of interoperate with
if you're in lining the assembly i
prefer to not put the assembly in the c
but anyway um we're
we're going assembly because we're
basically there so the way this works
is we put the assembly assembly in here
and then we say that
this gets and then we have to pass now
this by the way you'll notice the
this is a directive so this is not part
of the c language so i'm
cheating a little bit here um and then
we have to specify
the output and the input
um so these are this is what we're going
to take like variables and see we're
going to like bring them in or
take them back out how that's so this is
sort of mapping between c and assembly
and then if we're gonna clobber anything
and that's important because c doesn't
know what that once you give me assembly
i can do anything to this machine i mean
this is
okay we can run any sorts of
instructions we want so this
by the way you're not gonna have to
worry too much about running writing
inline assembly but it just so happens
that this
rd rand is not that easy to grab so
um what we're going to do is we're going
to use this weird syntax to say that i'm
going to use the same variable for input
and output which is this a
normally it'd be an r for output but and
then you just have to say
what variable you want to use so in this
case we're using bonk so we're taking
bonk and we're going to use it for
we're also going to use it for input so
their their way of doing that is you
have to do this
and that basically says i'm going to
also use that same variable for output
so when i see this variable
gcc is going to map it to a register and
that's getting into some stuff that
we'll do in an upper level course
and we have nothing to clobber so we're
we're not clobbering any other registers
because it turns out
your first assembly instruction the rd
rand instruction
only takes one parameter where do you
want to store the result
okay which is which is bonk which is
basically bonk but the problem is to
pass bonk
in or out i have to use these things
down here so that's why this is
basically i need to specify that this
was the first variable that i
sent in okay
okay so let's let's take a look at it
and then if we get all of that
right which who knows that maybe that's
the true randomness
the true randomness oh gosh
with assembly it is i'm gonna be i'm
gonna be declarative i'm gonna be
this is definitely gonna work um gotta
have faith
we're gonna yeah we're gonna we're gonna
have faith we're gonna spread that thing
out as
you know as it comes on where's your
thank you hi you always give me um
crap about that so thank you where's
your where's your new line
um i totally yep
i do i deserve that okay so we write oh
look at that
it's a number look at this the true
hardware assembly environmental noise
coming off the cpu although this is a
virtual cpu so it's actually a lie
but anyway coming off the hardware is
this thing
oh my god all right i feel like we've
gotten that's gonna be true enough
until we get lava lamps
rd rand is a la rd rand is a lie by the
way so this is the cake is a lie
rd rand may or may not be alive but none
of us can observe its true state
so um that actually
is it for trng
and prng so that's all we're going to
talk about for pseudo and true
um hooking up a actual adc
would be something kind of fun uh yeah
we got a board here we could we could
totally do that but i feel like good
stuff here actually so
i feel like you can do it like that's a
whole stream in and of itself that's
that would be called like we'll save
that for project uh i don't think it's
part of the lesson but
and you even saw how to inline assembly
i told you in the last lesson i would
start showing you the dark side
this is the dark side okay this is this
is where it's the gateway
language c is the gateway language to
harder languages once you've seen the
directive you can't unsee it that's it
that's it okay so um there's a few other
things i have we did talk about
um yes the last part of this is really
just to say that um
there's this notion of quality of
randomness and we talked a little bit
about that in the beginning when we said
um we don't want it to be predictable so
we don't want to
we don't want to be able to guess what's
coming next we don't want it to be
backtrackable so if you see what it is
right now let's say i have a
cryptographic key i can't guess
things that were previously generated
from that so
that has a lot to do with hiding the
internal state from the environment
and it turns out there's a branch of
government that
does this for us so they actually define
standards which say whether the
randomness is
good now they don't they don't really
say if the randomness is good or bad
what they do say is whether it's bad
they really they really only define like
they don't say that something's good
they just say like no that's
bad right so so don't do that i'm not
saying if that's good or not but that
don't do that that
so okay the branch of government is nist
yeah national institute of science
technology i think of standards
standard technology isn't it okay yeah
yep that sounds i think so there it is
here's this
this is random bit generation these are
the actual specs
so you can see this here pseudo random
spec is
this one this is they call pseudorandom
deterministic random number generation
um using an entropy source this is about
like hardware
you know so this is pulling it in so
recommendations there and
general stuff for when you're
constructing this and they have some
conformance testing
you can say something is fips standard
part whatever um so that we're not going
to go through that because it's like one
of those like
massive like you're going to read this
like all day
i've been through way too many standards
specs like yeah oh yeah it's just that
that's just to say it's that doesn't say
it's good
that just says it's not bad that's
that's all it does
okay um so
with that said uh there is one quick
implementation that tries to do some of
this in an automated fashion for you
it is called rng test it is built
into most distributions you can pull it
from rng
tools i think rng d is the one who wrote
which is the random number generator
daemon this was kind of before all the
stuff lived in a kernel
and sometimes you had to deal with it so
there are some tools available online
um that will help you and i like this
example if you've ever seen random.org
um i have not it's a website dedicated
to giving you random numbers they don't
sell them
i'm gonna sell them because these are
not artisanal they're not free range
alas this this is just not my kind of
randomness but um they they do claim
that everything here oh this fell
so they do claim that this is all true
generation randomness and they here's
the results of various tests
like you know are all the bits evenly
blocks runs are there runs of bits that
that look suspect you know that kind of
okay so any questions
no okay well i don't think so
with that said and boy we had a lot of
randomness tonight
we did i think i think we're closing
that we're closing we're closing all the
things we had our minimal pcg
we had the linux kernel which you looked
at for the first time
maybe i don't know um your c is up to
that point this is actually the
larger version of the um pcg
and you can read they have a great paper
on it just talking about it randomness
in general
xkcd is just required reading um you you
have to be
if anybody ever asks you to implement a
random number generator
on a whiteboard that's your go-to right
the level of sass i love it just just
no one should be implementing a random
number generator in a whiteboard
interview but
if they do you can always stir some
numbers and do some stuff if you want
but like
don't don't fall for it okay like like
you should never be using a random
number generates implemented on
in a coding interview