伪随机数利用

伪随机数生成器并不能真正产生随机数。相反,它们仅仅是将一串数字任意地排好序。在这里,是一串非常长的数字:2的32次方,即40亿个数。程序每重新开始运行一次的时候,它只是在排好的数字列表中任选一个位置作为开始。因此其实直到下一个循环开始前,当前循环中后面的数字都是确定的,并可以计算出来。

在《入侵的艺术》该章末尾讨论了如何提高安全性,提高破解难度系数。确实在巨大利益诱惑下,伪随机数变得极为不可靠了。

记得前几年的一个新闻,年会抽奖算法遭质疑 CTO现场 review 代码,代码中使用了
https://www.random.org 提供的真随机数,该站点使用大气噪音产生随机数。

抽奖算法中的随机数

抽奖算法中的随机数

如果需要真随机数,可以使用 https://www.random.org 的服务,摘录该站的介绍如下:

RANDOM.ORG offers true random numbers to anyone on the Internet. The randomness comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs. People use RANDOM.ORG for holding drawings, lotteries and sweepstakes, to drive online games, for scientific applications and for art and music. The service has existed since 1998 and was built by Dr Mads Haahr of the School of Computer Science and Statistics at Trinity College, Dublin in Ireland. Today, RANDOM.ORG is operated by Randomness and Integrity Services Ltd.

Advertisements

发表评论

Fill in your details below or click an icon to log in:

WordPress.com 徽标

You are commenting using your WordPress.com account. Log Out /  更改 )

Google+ photo

You are commenting using your Google+ account. Log Out /  更改 )

Twitter picture

You are commenting using your Twitter account. Log Out /  更改 )

Facebook photo

You are commenting using your Facebook account. Log Out /  更改 )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.