Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Using Lasers To Generate Random Numbers Faster

Posted by timothy on Sun Dec 28, 2008 03:22 PM
from the just-think-what-a-faster-laser-could-do dept.
Encryption Security Technology
Pranav writes "Using semiconductor lasers, scientists from Takushoku University, Saitama University, and NTT Corporation achieved random number rates of up to 1.7 gigabits per second, which is about 10 times higher than the second-best rate, produced using a physical phenomenon. Future work may center on devising laser schemes that can achieving rates as high as 10 Gbps."
+ -
story

Related Stories

Submission: Using lasers to generate random numbers faster by pranavpeshwe (1357259)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Using Lasers To Generate Random Numbers Faster 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Attention Slashdotters... (Score:3, Funny)

    by Anonymous Coward on Sunday December 28 2008, @03:27PM (#26251647)
    The "Real Genius" and "sharks" jokes you're about to post are less than 1% as funny and clever as you think they are. And no, you're not making them ironically, you're making them because you really do think they're good jokes. This is because you are retarded.

  • A Solution in Search of a Problem (Score:5, Informative)

    by Wrath0fb0b (302444) on Sunday December 28 2008, @03:32PM (#26251689)

    Has anyone out there actually had their system bottlenecked by lack of random numbers? I had thought that the bottleneck in serving large amounts of SSL content was processing the asymmetric part of the cyrpto -- hence the need for SSL accelerator cards. It's a nice invention and a creative application of physical process, but I really want to see just one case where this would be lead to a substantial benefit.

    As an aside, computer simulations always use pseudoRNGs like the Mersenne Twister[1]. For a reasonable exponent (I use 19937 in my simulations), this results in a period > 10^6000 and virtually no correlations between adjacent calls. The notion of a computational physicist using a real physical RNG is laughable.

    [1] http://en.wikipedia.org/wiki/Mersenne_twister [wikipedia.org]

    • Re:A Solution in Search of a Problem (Score:5, Interesting)

      by Yetihehe (971185) on Sunday December 28 2008, @03:50PM (#26251797)
      From your link to wikipedia:

      Unlike Blum Blum Shub [wikipedia.org], the algorithm in its native form is not suitable for cryptography. Observing a sufficient number of iterates (624 in the case of MT19937) allows one to predict all future iterates.

      So MT may be good enough for computational physicists, but not for strong cryptography.

      • So MT may be good enough for computational physicists, but not for strong cryptography.

        I never claimed otherwise. Cryptography has the need for a real RNG but computational physics only needs psuedoRNGs. That fact greatly undercuts the supposed need for this technology.

        • Re: (Score:3, Insightful)

          by Glock27 (446276)

          That's all great until that paper comes out explaining the failings of the *P*RNG you've been using, invalidating years of research.

          It might be a good idea to validate the results of the PRNG runs with some verifiably random data. Alternatively, you could inject entropy periodically in a computationally efficient fashion using the truly random data and improve things some.

      • The first question that came to my mind after reading the article was are these laser generated random numbers suitable for cryptography? The article just states that random numbers are "vital" to cryptography, not that this method generates cryptographic grade random numbers. Certainly the brief explanation on how it works leaves a lot of room for question.

        BTW, CryptMT [wikipedia.org] is a simple stream cipher based on the Mersenne Twister. Sadly, the last time I looked at it it lacked any solid proofs. Nonetheless, M

    • Re:A Solution in Search of a Problem (Score:5, Informative)

      by hweimer (709734) on Sunday December 28 2008, @03:52PM (#26251803) Homepage

      Has anyone out there actually had their system bottlenecked by lack of random numbers?

      I know some guys doing quantum Monte Carlo simulations. And yes, fast RNGs are crucial for their algorithms.

    • If you know anything about the application of random numbers to Monte Carlo simulations, you would know that physically random numbers are unacceptable, unless you wish to never have a chance at reproducing your simulations.

      This is why only pseudorandom number generators are used. LCGs and MT are reproducible.

      • Re:A Solution in Search of a Problem (Score:4, Informative)

        by Wrath0fb0b (302444) on Sunday December 28 2008, @04:58PM (#26252317)

        Actually, I know quite a bit about (stochastic*) computational physics and the notion that "repeatable" means "can run the exact same simulation with the exact same seed and get the exact same result" is absolutely incorrect. What is meant by "repeatable" is that one can extract from the simulations some sort of macroscopic quantity (usually a thermodynamic quantity or a correlation function) whose average is consistent across many separate runs (known in the biz as the ensemble average). So, for instance, if I'm observing the coalescence of polymers into a hex-phase (as in [1]), I could measure the average number of aggregated copolymer blocks and compare those (as was done in that paper).

        Let's make an extended gambling analogy. Suppose I have a new roulette table that I want to certify that it works like it should. One suggestion (akin to what you said), would be to put the entire table under the same initial conditions as a known-good table and see if it gives the same results. A more sophisticated approach would be to make a histogram of results for a large number of independent roles and see if it converges to the proper distribution (or, in case the distribution isn't known theoretically, compare it to the distribution from a different device, also tested a large number of times). I would argue that the second method is much more powerful than the first, because it probes a more relevant value. Nobody cares whether the roulette table gave 00 the first time and 23 the second time -- we are only concerned that, on average, it gives 00 with the same probability as 23.

        In stochastic computational simulations, the same story applies. Nobody cares whether a particular simulation did X or Y or Z because that's not relevant. What is relevant is the (converged) probability that, given some starting condition, the systems ends up in X or Y or Z.

        * None of these comments apply in any way to solving deterministic systems. You don't need random numbers for those anyway.

        ** Another commenter pointed out that exact repeatability is incredibly useful for debugging purposes. That is true but that has nothing to do with reproducibility in the scientific sense of the word.

        [1] http://link.aip.org/link/?JCPSA6/128/184906/1 [aip.org]

            • Re: (Score:3, Insightful)

              by amirulbahr (1216502)
              I need to brush up on my quantum mechanics, but I'm pretty sure you're dead wrong about that final statement.

              • Re: (Score:3, Informative)

                by Wrath0fb0b (302444)

                A roulette ball is quite large enough (by many orders of magnitude) to treat as a purely classical particle.

                You are right about one thing -- time to brush up on your Quantum. Start by calculating the de Broglie wavelength (the relevant QM length) of a roulette ball traveling at the maximum speed you might see at a casino and compare it to the radius of the ball itself.

                  • If, as poster states, (Score:4, Insightful)

                    by Jane Q. Public (1010737) on Monday December 29 2008, @12:03AM (#26254901)
                    this can be treated as a "classical physics" problem (and I have every reason to believe his statement about QM length re: a roulette ball), then at least theoretically the statement is correct.

                    But theory and practice are often vastly different. In a case like this, the information necessary to account for all the relevant initial conditions, and the calculations necessary to go from there to final result, are so vast as to make it ludicrous to even consider trying such a feat. Further, we don't even have the expertise to make such calculations even if we had such "perfect" information.

                    Think about it: even with classic physics, this is an awesome candidate for the "butterfly effect", in which miniscule differences in initial conditions could cause highly significant differences in the outcome.

                    See, you don't just need to know the mass of the ball, and its velocity, and such. You would have to know the exact size and mass of the bearings, and exactly how much lubricant had been applied. You would have to know the exact size and shape of the little fences between the numbers on the wheel (air resistance), and calculate Reynolds numbers for them. You would have to know how many people are around the wheel (if any) and how they are breathing. Is someone wearing perfume? Will that affect someone else's breathing? Even without people, did someone add a little bit extra glue at this particular spot, during the manufacturing process?

                    And so on.

                    It simply would not be a practical excercise. Even in controlled conditions, and without confounding factors, two well-lubed roulette wheels are almost certain to give you significantly different results, no matter how you try.

                    Theory is great, but reality trumps.
    • The hardest part in handling SSL (or IPSec for that matter) sessions is making sure each packet sent is actually permitted. Not so much the initial key exchange phase or subsequent re-negotiations.

  • Obligatory quote (Score:5, Funny)

    by jspenguin1 (883588) <jspenguin@gmail.com> on Sunday December 28 2008, @03:33PM (#26251691) Homepage
    "The generation of random numbers is too important to be left to chance." -- Robert R. Coveyou

  • Obligatory joke (Score:3, Funny)

    by Fryth (468689) on Sunday December 28 2008, @03:36PM (#26251709)

    They should somehow tap into phpBB. I'm already on some forums that generate more than twice this much bullshit every second :)

  • FTFA: (Score:5, Funny)

    by lobiusmoop (305328) on Sunday December 28 2008, @03:38PM (#26251721) Homepage

    "Fields and applications that could benefit from their work are numerous, including computational models to solve problems in nuclear medicine, computer graphic design, and finance."

    This explains a great deal.

    • Re:FTFA: (Score:4, Funny)

      by ScrewMaster (602015) * on Sunday December 28 2008, @04:35PM (#26252139)

      "Fields and applications that could benefit from their work are numerous, including computational models to solve problems in nuclear medicine, computer graphic design, and finance."

      This explains a great deal.

      No kidding. Makes you wonder if they're used in Diebold voting machines.

      • Haha. I can't think why anyone would ever want to build a stochastic financial model...

      • Re:FTFA: (Score:4, Funny)

        by MarkusQ (450076) on Sunday December 28 2008, @05:45PM (#26252659) Journal

        "Fields and applications that could benefit from their work are numerous, including computational models to solve problems in nuclear medicine, computer graphic design, and finance."

        This explains a great deal.

        No kidding. Makes you wonder if they're used in Diebold voting machines.

        No, not at all. Diebold voting machines are specifically designed to eliminate sources of randomness in order to deliver predictable results.

        --MarkusQ

  • Quantum Choas (Score:3, Interesting)

    by physburn (1095481) on Sunday December 28 2008, @03:49PM (#26251789) Homepage Journal
    I'm busy trying to get my head around, why partially reflecting laser light back into the laser, induces a chaotic signal. It doesn't seem right, there's a laser frequency and two reflection distances, (remember lasers have a mirror at each end). It doesn't seem complex enough to be chaotic.

    If it is chaotic and you believe in the Everett Interpretation, they've just produced the worlds fastest world splitter.

    • Going out of a limb here, but maybe it's like this.
      You shine your laser, it reflects, it interferes with itself. And now the interfered laser reflects back and so on and so forth. Maybe its possible to track it through the first few given the exact starting conditions, but it would be impossible to look at a few samples in the middle and work back to the initial start condition (thus chaotic).

  • Don't believe everything you read (Score:5, Informative)

    by Frequency Domain (601421) on Sunday December 28 2008, @03:57PM (#26251847)
    First off, this is old news -- the article is copyright 2007.

    Next, the article claims...

    Generating random numbers using physical sources -- which can be as simple as coin-flipping and tossing dice -- are preferred over other methods, such as computer generation, because they yield nearly ideal random numbers: those that are unpredictable, unreproducible, and statistically unbiased.

    This is garbage -- there are applications where people prefer physical sources, but those of us doing simulation work realized long ago that good algorithmic sources are far better for our needs: 1) It's mighty hard to debug a complex simulation model without reproducibility; 2) You can use the reproducibility to induce covariance between runs, greatly reducing the standard error of your estimates for a given sampling effort; 3) The distributions of algorithmically generated pseudo-random numbers are provably uniform, whereas for physical sources the best you know is that they haven't (yet) failed a hypothesis test for uniformity. Finally, the last statement about being "statistically unbiased" is utter nonsense -- unbiasedness is a property of an estimator, not a distribution.

    • Agreed. Someone once told me about one of John Ellis [wikipedia.org]'s students asking them to do a Monte Carlo simulation, and sending the results back saying "it's not random enough". Ignorance about random number generators is everywhere.

    • Re: (Score:3, Informative)

      by ZombieWomble (893157)
      While slashdot is often not on the bleeding edge, this news isn't exactly ancient: the article itself is dated just last week, and correctly cites a paper which was only published a month ago. Don't believe everything you read in a copyright tag.

      As for the rest of it, yes, much of the article is rather terrible.

  • scary (Score:4, Funny)

    by ascari (1400977) on Sunday December 28 2008, @04:00PM (#26251875)
    I suspect encountering the words "random" and "laser" in the same sentence would be rather disconcerting to an eye surgeon. Maybe I'm off topic...

  • random number rates of up to 1.7 gigabits per second, ... Future work may center on devising laser schemes that can achieving rates as high as 10 Gbps."

    Oh, I can get 3.4 gigabits right here. I'll take a second such laser.

    Or, ten of them. A 17 Gbps device instead of your hoped for 10 Gbps one.

  • Random generator needed in semi-conductors (Score:4, Insightful)

    by owlstead (636356) on Sunday December 28 2008, @04:14PM (#26251985)

    We really, really need more hardware random number generators (RNG's) within CPU's. I think this is one of the more important things for Intel and AMD to work on (VIA and Intel have already working hardware RNG's for x86 as far as I know, with Intel though it is only for an embedded processor).

    Otherwise we will have to rely on "commodity" hardware to generate enough randomness to seed our pseudo-RNG's. And since a keyboard, harddisk and video cannot be trusted to be in a machine, and since using the NIC has too big a tie with the outside world, we are quickly running out of entropy sources. So a hardware RNG is definitely a very good idea.

    That does not mean that these guys have struck gold. There are already fine RNG's available for use within CPU's. I don't know how secure their device is (what happens when it is underpowered/cooled etc) but speed is not really a problem right now. Of course, if it is easy to implement in current designs: why not?

    • we are quickly running out of entropy

      Sorry, I thought I had a joke there, but my mind seems to be failing with age. Anyhow, that sentence fragment amused me, so I am quoting it out of context for my own enjoyment. Consider this reply my contribution to randomness.

    • Re: (Score:3, Interesting)

      by ishmalius (153450)

      Reverse-biased zener diodes make an excellent noise source for true physical randomness. You want quantum quality? Use a tunnel diode. And some military radios use FM discriminator or PLL noise as a generator for crypto.

  • Doing my part for science (Score:5, Funny)

    by Snorfalorpagus (1321189) on Sunday December 28 2008, @04:22PM (#26252053)
    247

  • 10d6 at lightspeed (Score:3, Funny)

    by Veggiesama (1203068) on Sunday December 28 2008, @07:51PM (#26253497)

    This is going to make my D&D games kick ass.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.