Re: Good enough for crypto?

Scott Wilber wrote:
> 

> There are many so-called random number generators that contain
> virtually no quantum components.  Certainly the Lava Lamp generator,
> which is based on turbulent flow in a heated viscous liquid, is one of
> them.  Another important example is the mechanical systems used to
> select numbers in most lotteries.  These employ plastic or rubber
> balls that are "mixed" by air flow or rolling drums.  Again, these are
> totally chaotic, and therefore not in the least truly random.  This is
> not to say that they are significantly biased or that they can be
> predicted to any profitable degree.  The parameters involved are
> extremely complex and we have no present methods of measuring them.
> Also, it would do no good to be able to predict each ball real-time
> since all lotteries close before the drawings begin.

Having, as said, barely knowledge in physics, I suppose
it would be fine if you could explain a little bit 
concretely how your scheme distinguishes itself in matter 
of the 'quantum component' mentioned above in comparison 
to a few other hardware randomness generators that are
deficient. Isn't it that all currently employed hardware
generated randomness could be considered to stem from 
certain electromagnetic noise or thermal noise (or
should it instead be quantum noise)?

> 
> Unfortunately, we have no other tool than mathematical analysis to
> assess the quality of any sequence of bits.  If we know the generated
> sequence was based on a deterministic or a non-deterministic process,
> it is possible to use slightly different approaches.  Most of the
> analysis is, of course, statistical in nature.  There is NO analytical
> method that can distinguish between a deterministically- and a
> non-deterministically-generated sequence, providing there is no
> significant defect in the statistical properties of either.

Therein lies the dilemma of practically (and reliably)
evaluating entropy in my humble view. If a PRNG is so
good that it passes all (currently) available statistical
tests, then one (without knowledge of the generation
process) would hardly be able to know that there is in 
fact very little entropy. (On the other hand, it seems 
to me to be justified that such a superb pseudo-random 
source could very well substitute a true random source
in practical applications.)

> 
> If we know that a sequence is deterministic (pseudorandom), than it is
> possible to search for patterns that would only occur in this type of
> sequence.  This type of analysis can only succeed if the generator
> produces significant statistical defects that can be analyzed further,
> or if the actual generating algorithm can be guessed or otherwise
> determined.
> 
> If a sequence is non-deterministic, it will exhibit certain
> properties.  The most important of these relates to its
> autocorrelation function.
> 
> The autocorrelation function of a non-deterministic sequence will
> always decrease with increasing order.  The decrease will either be
> monotonic or the function will oscillate, and the amplitude of the
> oscillations will decrease monotonically.  This is proved by proving
> the behavior of the generalized autocorrelation function of the random
> process, including its measurement device - something I will not try
> to show in this setting.
> 
> If a sequence is analyzed and is shown to violate this property, than
> it is at least partly or entirely deterministic.  An obvious example
> is if a pseudorandom sequence is tested for autocorrelation with order
> equal to its period, where the AC will jump to 1.0.
> 
> To the best of my knowledge, this theorem on non-deterministic
> sequences is original and has never been published before.  But, its a
> big world and if anyone has seen this before, I would like to know.

I suppose that by non-deterministic you refer to true
randomness. Your mentioned original yet unpublished
study seems interesting. Do you have any intention
of letting your result open to the statistics people?
On the other hand, I remember to have read somewhere 
that a white noise (which a good true randomness should 
approximate, if I don't err) doesn't have the property 
of monotone diminution you described but only has an
auto-correlation function that fluctuates within a fairly 
narrow band around zero.

M. K. Shen