From: Petr Savicky <savicky_at_cs.cas.cz>

Date: Fri, 02 Mar 2012 12:24:41 +0100

R-devel_at_r-project.org mailing list

https://stat.ethz.ch/mailman/listinfo/r-devel Received on Fri 02 Mar 2012 - 11:27:24 GMT

Date: Fri, 02 Mar 2012 12:24:41 +0100

On Fri, Mar 02, 2012 at 10:36:14AM +0100, Karl Forner wrote:
[...]

> Hello,

*> I would be also in favor for using multiple seeds based on (seed,
**> task_number) for convenience (i.e. avoiding storing the seeds)
**> and with the possibility of having a dynamic number of tasks, but I am mot
**> sure it is theoretically correct.
**> But I can refer you to this article:
**> **http://www.agner.org/random/ran-instructions.pdf , section 6.1
**> where the author states:
**>
**> For example, if we make 100 streams of 10^10 random numbers each from an
**> > SFMT
**> > generator with cycle length ρ = 2^11213, we have a probability of overlap
**> > p ≈ 10^3362.
**> >
**>
**> What do you think ? I am very concerned by the correctness of this approach
**> so would appreciate any advice on that matter.
*

Hi.

If correctness is crucial, then the literature on cryptography provides the best answers. At the current state of knowledge, it is not possible to prove that a generator is undistinguishable from truly random numbers in a mathematical sense. The problem is that if we can prove this for any generator, then the proof also implies P \not= NP. This is an open problem, so proving that any generator is correct in the sense of undistinguishability is also open.

The best, what we can have, is a generator, which cannot be distinguished from truly random numbers using the known methods, although experts on cryptography tried to find such a method intensively. An example of such a generator is Fortuna generator using AES, which is available at CRAN as "randaes".

http://en.wikipedia.org/wiki/Fortuna_PRNG

The same can be said about initializations. Initialization is a random number generator, whose output is used as the initial state of some other generator. There is no proof that a particular initialization cannot be distinguished from truly random numbers in a mathematical sense for the same reason as above.

http://www.cs.cas.cz/~savicky/randomNumbers/

It is based on AES and Fortuna similarly as "randaes", but these components are used only for the initialization of Mersenne-Twister. When the generator is initialized, then it runs on its usual speed.

In the notation of

http://www.agner.org/random/ran-instructions.pdf

using rngSetSeed for initialization of Mersenne-Twister is Method 4 in Section 6.1.

http://www.cs.cas.cz/~savicky/randomNumbers/

R-devel_at_r-project.org mailing list

https://stat.ethz.ch/mailman/listinfo/r-devel Received on Fri 02 Mar 2012 - 11:27:24 GMT

This quarter's messages: by month, or sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

*
Archive maintained by Robert King, hosted by
the discipline of
statistics at the
University of Newcastle,
Australia.
Archive generated by hypermail 2.2.0, at Fri 02 Mar 2012 - 12:50:23 GMT.
*

*
Mailing list information is available at https://stat.ethz.ch/mailman/listinfo/r-devel.
Please read the posting
guide before posting to the list.
*