racaf anr-15-ce40-0016-01: d epasser les fronti eres de l ...ashen/racaf/interim-report.pdf ·...
TRANSCRIPT
RaCAF ANR-15-CE40-0016-01 Depasser lesfrontieres de lrsquoaleatoire et du calculable
(Randomness and ComputabilityAdvancing the Frontiers)
Alexander ShenLIRMM CNRS amp Univ Montpellier
March 22 2018
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737