RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf ·...
Transcript of RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf ·...
![Page 1: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/1.jpg)
RaCAF ANR-15-CE40-0016-01 Depasser lesfrontieres de lrsquoaleatoire et du calculable
(Randomness and ComputabilityAdvancing the Frontiers)
Alexander ShenLIRMM CNRS amp Univ Montpellier
March 22 2018
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 2: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/2.jpg)
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 3: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/3.jpg)
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 4: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/4.jpg)
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 5: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/5.jpg)
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 6: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/6.jpg)
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 7: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/7.jpg)
Random objects from different perspectives
I Classical probability theory random variables
I Algorithmic randomness random bit sequencereal number in (0 1) bit string
I Numerical computations pseudorandom numbergenerators and statistical tests
I Complexity theory and computationalcryptography pseudorandom number generators(Blum Micali)
I Combinatorics randomness extractors
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 8: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/8.jpg)
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 9: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/9.jpg)
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 10: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/10.jpg)
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 11: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/11.jpg)
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 12: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/12.jpg)
Classical probability theory
I Random variable mapping defined on aprobability space
I No such thing as an individual random object
I of course we usually speak about sequencesnot individual digits
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 13: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/13.jpg)
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 14: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/14.jpg)
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)
can we complain to amazon if ldquonon-randomrdquo
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 15: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/15.jpg)
Tables of random numbers
but the question remains
($600 hardcover $41 paperback $9 digital)can we complain to amazon if ldquonon-randomrdquo
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 16: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/16.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 17: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/17.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 18: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/18.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 19: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/19.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 20: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/20.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 21: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/21.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 22: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/22.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 23: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/23.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 24: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/24.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 25: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/25.jpg)
Algorithmic randomness
I finite or infinite objects
I sharp boundary for infinite (Martin-Lof)
I ldquorandomness deficiencyrdquo for finite
I randomness=incompressibility
I Kolmogorov complexity = length of thegenerating program
I randomness deficiency=lengthminuscomplexity
I non-computable
I dependence on the programming language
I (our main field of expertise)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 26: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/26.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 27: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/27.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 28: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/28.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 29: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/29.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 30: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/30.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 31: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/31.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 32: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/32.jpg)
Pseudo-random number generators
I xn+1 = (1103515245 middot xn + 12345) mod 232
I many other generators (not only linear)
I used for simulations
I Monte-Carlo method
I easily computable and predictable
I why better than xn+1 = xn + 1 mod 232
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 33: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/33.jpg)
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 34: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/34.jpg)
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 35: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/35.jpg)
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 36: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/36.jpg)
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 37: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/37.jpg)
Statistical tests
I diehard (G Marsaglia originally available athttpstatfsuedupubdiehard)
I dieharder linux package (R Brownhttpswebhomephydukeedu~rgb
Generaldieharderphp
I NIST httpscsrcnistgovprojectsrandom-bit-generation
documentation-and-software
I TestU01 httpswwwiroumontrealca
~lecuyermyftppaperstestu01pdf
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 38: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/38.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 39: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/39.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 40: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/40.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 41: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/41.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 42: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/42.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 43: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/43.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 44: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/44.jpg)
What is a statistical test
I input bit sequence r (typical length 107)
I output not just ldquopassrdquo or ldquofailrdquo but some realp(r) isin (0 1)
I ldquop-valuerdquo Prr [p(r) 6 ε] = ε
I if p-value is below some threshold say 10minus5 wesay that r looks non-random with p-value 10minus5
I ldquor is random with probability 10minus5rdquo misleading
I compressors as random tests compression by kbits corresponds to p-value below 2minusk
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 45: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/45.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 46: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/46.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 47: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/47.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator
seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 48: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/48.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 49: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/49.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 50: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/50.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 51: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/51.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 52: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/52.jpg)
Randomness and cryptography
I passwordsecret key from the random tablebook a bad idea
I password generated by a pseudorandom numbergenerator seeds needed
I complexity-based cryptography Yao ndash Blum ndashMicali
I PRNG short seed rarr long bit string
I indistinguishable by tests of bounded circuitcomplexity
I conditional existence (factoring is hard theexistence of one-way functions)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 53: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/53.jpg)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 54: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/54.jpg)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 55: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/55.jpg)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 56: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/56.jpg)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 57: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/57.jpg)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 58: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/58.jpg)
Physical randomness
I ldquofast electronic coinrdquo
I examples httpsenwikipediaorgwikiComparison_
of_hardware_random_number_generators
I more exotic solutions lava lamps at CloudFlarehttpswwwyoutubecomwatchv=1cUUfMeOijg
I basic problem distribution not under control
I solution attempt ldquoextracting randomness fromweak randomnessrdquo
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 59: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/59.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 60: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/60.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 61: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/61.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 62: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/62.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 63: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/63.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 64: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/64.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 65: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/65.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 66: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/66.jpg)
The project goals
I understanding relations between differentapproaches
I better understanding of existing practices andtheir weaknesses
I making tests robust
I trying new type of tests
I trying new ways of randomness extraction
I this report mostly practical aspects
I see below (and also pdf report) for moretheoretical work
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 67: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/67.jpg)
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 68: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/68.jpg)
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 69: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/69.jpg)
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 70: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/70.jpg)
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 71: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/71.jpg)
Randomness tests problems
I p-value function requires exact answer forprobabilities
I in many cases only a bound available or even anempirical estimate
I unsuitable for ldquosecondary testrdquo when severalp-values on independent inputs are testedagainst a uniform distribution on (0 1) withKolmogorovndashSmirnov test
I diehard uses dependent inputs whenindependence is required
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 72: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/72.jpg)
dieharder documentation
speaks about ldquotest failuresrdquo
Many dieharder tests despite our best efforts are numericallyunstable or have only approximately known target statistics orare straight up asymptotic results and will eventually return afailing result even for a gold-standard generator (such as AES)or for the hypercautious the XOR generator with AESthreefish kiss all loaded at once and xorrsquod together 〈 〉Failure with numbers of psamples within an order ofmagnitude of the AES thresholds should probably beconsidered possible test failures not generator failuresFailures at levels significantly less than the known goldstandard generator failure thresholds are of course probablyfailures of the generator
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 73: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/73.jpg)
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 74: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/74.jpg)
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 75: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/75.jpg)
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 76: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/76.jpg)
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 77: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/77.jpg)
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 78: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/78.jpg)
More reliable approach needed
I any function p (no assumptions about havingp-value properties)
I p(r1) p(rn) (where ri are independent partsof a test stream) compared withp(R1) p(Rn) where Ri are true randomstrings
I we may use KolmogorovndashSmirnov criterion fortwo distributions
I guaranteed to be reliable (assuming truerandomness)
I almost as sensitive as the original test
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 79: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/79.jpg)
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 80: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/80.jpg)
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 81: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/81.jpg)
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 82: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/82.jpg)
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 83: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/83.jpg)
Testing without etalon randomness
I correctness depends on the etalon randomness
I improvement p(r1) p(rn) (where ri areindependent parts of a test stream) comparedwith p(rn+1 oplus R1) p(r2n oplus Rn) where Ri arepresumably true random strings
I guaranteed to be reliable (no assumptions aboutRi)
I equally sensitive if Ri are truly random
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 84: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/84.jpg)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 85: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/85.jpg)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 86: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/86.jpg)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 87: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/87.jpg)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 88: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/88.jpg)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 89: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/89.jpg)
Probabilistic arguments as random tests
I combinatorial results obtained by a probabilisticmethod
I object with some combinatorial properties (egexpander graphs) generated with highprobability using random bits
I testing bit string r use it as a random string inthe algorithm and measure the properties of theobject generated by it
I suitable for our scheme even if nothing isformally proved about the algorithm
I some preliminary results (MPopov masterthesis under supervision of ARomashchenko)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 90: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/90.jpg)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 91: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/91.jpg)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 92: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/92.jpg)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 93: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/93.jpg)
Physical random number generators
I goal add some ldquounpredictabilityrdquo or ldquoentropyrdquofrom physical sources
I ldquodevrandom typically blocks if there is lessentropy available than requestedrdquo ldquothegenerator keeps an estimate of the number ofbits of noise in the entropy poolrdquo etc(wikipedia)
I (naive) idea of ldquoentropyrdquo as some kind of liquidthat can be measured kept in a pool etcsimilar to caloric theory
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 94: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/94.jpg)
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 95: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/95.jpg)
RFC 4086
on extracting randomness from weak randomsource
For an example of using a strong mixing function reconsiderthe case of a string of 308 bits each of which is biased 99toward zero The parity technique 〈 〉 reduces this to one bitwith only a 11000 deviance from being equally likely a zero orone But applying the equation for information 〈 〉 [Shannonentropy] this 308-bit skewed sequence contains over 5 bits ofinformation Thus hashing it with SHA-1 and taking thebottom 5 bits of the result would yield 5 unbiased random bitsand not the single bit given by calculating the parity of thestring
[Not justified parity argument uses independence and SHA-1 trick is notjustified even in the independence case]
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 96: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/96.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 97: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/97.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 98: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/98.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 99: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/99.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 100: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/100.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 101: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/101.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 102: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/102.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 103: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/103.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 104: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/104.jpg)
Alternative ways to extract randomness
I theoretical work randomness extractors
I two inputs long weak random and independentshort truly random
I or two long independent weak random sources
I not directly practical
I some practical approaches inspired by them
I using expander walk over weakly random edges
I using B[x ][y ] where B is a balanced matrix andx and y are independent weak random sources
I some preliminary experiments done
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 105: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/105.jpg)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 106: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/106.jpg)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 107: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/107.jpg)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 108: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/108.jpg)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 109: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/109.jpg)
Planned work
I convert some tests from standard suites in a robust form (maybe incorporating them in the existing open source software)
I adding some new tests based on probabilistic constructions
I making experiments with existing physical randomness inputs(sound cards physical devices) and analyzing their propertiesand ways to extract good random bits out of them
I last but not least theoretical work to understand propertiesof randomness (algorithmic information theory computabilitytheory approach to randomness models of computationrandomness in game-theoretic approach to probability theoryetc)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 110: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/110.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 111: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/111.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 112: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/112.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 113: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/113.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 114: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/114.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 115: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/115.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 116: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/116.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 117: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/117.jpg)
Theoretical work
I physical models of computation (work of OBournez and hisgroup accepted by JACM) other non-standard models ofcomputation (BDurand GLafitte and others)
I properties of randomness tests in algorithmic informationtheory (GNovikov)
I detection of regularities and algorithmic statistics(AMilovanov NVereshchagin) presented at CCC 2017)
I conditional and image randomness (LBienvenu AShen)
I randomness normality automatic complexity (AShen)
I randomness and expanders (ARomashchenko)
I mutual information and its operational characterization(ARomashchenko with MZimand Towson University)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 118: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/118.jpg)
Chronological report about RaCAF progress including referencesand texts of RaCAF-related papershttpwwwlirmmfr~ashenracafhtml
M Andreev G Posobin A Shen Plain stopping time andconditional complexities revisited preprinthttpsarxivorgabs170808100
O Bournez DS Gracca A Pouly Polynomial Time corresponds toSolutions of Polynomial Ordinary Differential Equations ofPolynomial Length Journal of the ACM Volume 64 Issue 6November 2017 Article No 38
O Bournez A Pouly A Universal Ordinary Differential EquationInternational Colloquium on Automata Language and ProgrammingICALPrsquo2017 1161ndash11614
B Bauwens A Shen H Takahashi Conditional Probabilities andvan Lambalgens Theorem Revisited Theory of Computing Systems2017 doi101007s00224-017-9789-2
M Carl B Durand G Lafitte S Ouazzani Admissible in Gaps CiE2017 Unveiling Dynamics and Complexity Proceedings Lecture
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 119: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/119.jpg)
Notes in Computer Science 10307 Springer 2017 175ndash186httpsdoiorg101007978-3-319-58741-7_18
J Cervelle G Lafitte On shift-invariant maximal filters andhormonal cellular automata 32nd Annual ACMIEEE Symposium onLogic in Computer Science LICS 2017 Reykjavik Iceland June20-23 2017 1ndash10httpsdoiorg101109LICS20178005145
O Defrain B Durand G Lafitte Infinite Time Busy Beavers CiE2017 Unveiling Dynamics and Complexity Proceedings LectureNotes in Computer Science 10307 Springer 2017 221ndash233httpsdoiorg101007978-3-319-58741-7_22
B Durand A Romashchenko On the Expressive Power ofQuasi-Periodic SFT Mathematical Foundations of ComputerScience 2017 httpsdoiorg104230LIPIcsMFCS20175
L Bienvenu M Hoyrup A Shen Layerwise Computability andImage Randomness Theory of Computing Systems 2017doi101007s00224-017-9791-8
Guilhem Marion Le hasard et sa production report de stageLIRMM see RaCAF diary above
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 120: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/120.jpg)
A Milovanov Algorithmic Statistics Normal Objects and UniversalModels Computer Science in Russia 2016 Lecture Notes inComputer Science v 9691 (2016) 280ndash293
A Milovanov Some Properties of Antistochastic Strings Theory ofComputing Systems published online 21 June 2016 DOI101007s00224-016-9695-z
A Milovanov On Algorithmic Statistics for space-boundedalgorithms In Proceedings of 12th International Computer ScienceSymposium in Russia (CSR 2017) LNCS vol 10304 pp 232ndash2342017
A Milovanov N Vereshchagin Stochasticity in AlgorithmicStatistics for Polynomial Time 32nd Computational ComplexityConference(CCC 2017) proceedings (Leibniz InternationalProceedings in Informatics LIPIcs)doi104230LIPIcsCCC201717 171ndash1718
G Novikov Randomness Deficiences CiE 2017 Unveiling Dynamicsand Complexity Proceedings Lecture Notes in Computer Science10307 Springer 2017 338ndash350 httpslinkspringercomchapter101007978-3-319-58741-7_32
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737
![Page 121: RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l ...ashen/racaf/interim-report.pdf · RaCAF ANR-15-CE40-0016-01: D epasser les fronti eres de l’al eatoire et du calculable](https://reader036.fdocuments.us/reader036/viewer/2022090517/60445d69ff2f3905656c5005/html5/thumbnails/121.jpg)
A Romashchenko Coding in the fork network in the framework ofKolmogorov complexity preprint arXiv160202648
A Shen Algorithmic Information Theory book section in TheRoutledge handbook of philosophy of information Routletge 201637ndash43
A Shen Automatic Kolmogorov complexity and normality revisitedFCT 2017 Conference Bordeaux France Proceedings full versionhttpsarxivorgpdf170109060pdf
A Shen V Uspensky N Vereshchagin Kolmogorov Complexity andAlgorithmic Randomness A book accepted for publication (in 2017)by the American Mathematical Society Drafthttpwwwlirmmfr~ashenkolmbook-engpdf
N Vereshchagin A Shen Algorithmic statistics forty years laterBook chapter in Computability and Complexity Essays Dedicated toRodney G Downey on the Occasion of His 60th Birthday LectureNotes in Computer Science v 10010 Springer 2017 p 669ndash737