Linear Congruential Generator Method | Random Numbers

MathPod
25 Nov 202011:06

Summary

TLDRThis video script delves into the Linear Congruential Generator (LCG), a popular algorithm for generating pseudo-random numbers. It explains the concept of congruence as the foundation for LCG, where a sequence of numbers is generated using a recurrence relation involving a large integer 'm', multiplier 'a', increment 'b', and a seed 'x0'. The script provides an example with specific values for 'm', 'a', 'b', and 'x0', demonstrating how to generate a sequence of pseudo-random numbers. It also touches on the generation of random bit sequences from these numbers and briefly discusses the security implications of using such sequences in cryptographic applications, hinting at the 50-50 vulnerability of the method.

Takeaways

  • 🔢 The Linear Congruential Generator (LCG) is a method for generating pseudo-random numbers, which are essential for simulations and cryptography.
  • 📚 The concept of congruence is fundamental to understanding LCGs, where 'a is congruent to b mod n' means n divides the difference between a and b.
  • 🌰 An example of congruence is 12 being congruent to 0 mod 4, as 4 divides 12.
  • 🔑 In LCGs, a large integer m, and two integers a and b are chosen, along with a seed value x₀, to generate a sequence of numbers using the formula: xi ≡ a * xi-1 + b (mod m).
  • 🔄 The sequence generated by LCGs is a recurrence relation that allows for the calculation of subsequent numbers based on the previous one.
  • 📈 An example provided in the script uses m=123, a=5, b=2, and x₀=73 to demonstrate the generation of pseudo-random numbers.
  • 🔄 The script explains that the output of the LCG can be reduced by taking the modulo with respect to the chosen large integer m, ensuring the sequence remains within a manageable range.
  • 🤔 The script mentions the possibility of generating random bit sequences from the LCG output, which can be useful for cryptographic applications requiring a stream of zeros and ones.
  • 🔒 However, the script also points out that the method of generating bits from LCG is not very secure, as the predictability of the next bit is 50%, making it half secure and half vulnerable.
  • 🚀 The script promises to discuss the Blum Blum Shub pseudo-random bit generator in a subsequent video, which is another method for generating random bits for cryptographic purposes.

Q & A

  • What is the purpose of using pseudo random numbers in simulations and cryptography?

    -Pseudo random numbers are used in simulations to mimic the randomness required for various processes and in cryptography to enhance security through unpredictability, as generating true random numbers is difficult and costly.

  • What was the algorithm discussed in the speaker's last video for generating random numbers?

    -The speaker discussed the mid square algorithm in their last video as a method for generating random numbers.

  • What is the mathematical concept of congruence, and how is it related to the linear congruential generator?

    -Congruence is a concept in number theory where two numbers are said to be congruent modulo n if n divides their difference. It is fundamental to the linear congruential generator, which uses a recurrence relation involving multiplication, addition, and modulo operations to generate a sequence of pseudo random numbers.

  • What are the components of the linear congruential generator formula?

    -The components of the linear congruential generator formula are a large integer m, two integers a and b, and a seed value x₀. The formula is xi ≡ a * xi-1 + b (mod m).

  • Why is the linear congruential generator called 'linear'?

    -The linear congruential generator is called 'linear' because the recurrence relation it uses to generate numbers has a linear form in terms of the seed value and the constants a and b.

  • What is the significance of choosing a large integer m for the linear congruential generator?

    -Choosing a large integer m for the linear congruential generator helps to increase the period of the generated sequence, making it less predictable and more suitable for applications like cryptography that require a high level of randomness.

  • Can you provide an example of how the linear congruential generator formula is applied?

    -An example given in the script uses m=123, a=5, b=2, and x₀=73. The formula is applied iteratively to generate subsequent numbers in the sequence, such as x1 ≡ 5 * 73 + 2 (mod 123), resulting in x1=121.

  • How can the generated pseudo random numbers be used to create a bit sequence?

    -The generated pseudo random numbers can be reduced modulo 2 to create a bit sequence. For example, if a number is odd, it would be congruent to 1 (mod 2), and if it is even, it would be congruent to 0 (mod 2).

  • What is the security level of the pseudo random bit sequence generated by the linear congruential generator?

    -The security level of the pseudo random bit sequence generated by the linear congruential generator is considered to be 50% secure and 50% vulnerable, as the probability of correctly guessing the next bit is 50%.

  • What will be discussed in the speaker's next video?

    -In the next video, the speaker will be discussing the Blum Blum Shub pseudo random bit generator, which is another method for generating random bits used in cryptographic applications.

Outlines

00:00

🔢 Introduction to Linear Congruential Generator

The video script begins with an introduction to the Linear Congruential Generator (LCG), a method used for generating pseudo-random numbers. The presenter explains the necessity of random numbers in simulations and cryptography, and acknowledges the impracticality and high cost of producing truly random numbers. The concept of congruence is introduced as a foundational element for understanding LCG, with examples provided to illustrate how numbers can be congruent modulo n. The script also mentions a previous video on the mid-square algorithm, another method for generating random numbers, and encourages viewers to review additional materials on congruences for a deeper understanding.

05:02

📚 Generating Pseudo-Random Numbers with LCG

This paragraph delves into the specifics of the Linear Congruential Generator algorithm. The presenter outlines the formula for generating numbers in the sequence, which involves a large integer m, multiplier a, increment b, and a seed value x0. The process of generating subsequent numbers in the sequence using the formula x_i ≡ a*x_(i-1) + b (mod m) is explained, with an example given using m=123, a=5, b=2, and x0=73. The example demonstrates how to calculate the next numbers in the sequence and emphasizes the recurrence relation that allows for the generation of a series of pseudo-random numbers.

10:04

🔑 Pseudo-Random Number Generation and Bit Sequences

The third paragraph continues the discussion on LCG, focusing on the generation of pseudo-random numbers and their application in producing bit sequences. The presenter explains how the generated numbers can be reduced modulo 2 to create a sequence of bits, which is crucial for certain cryptographic algorithms like stream ciphers. The example from the previous paragraph is used to demonstrate this process, showing how each generated number corresponds to a bit (1 for odd, 0 for even). The paragraph concludes with a brief mention of the security implications of using such a method, noting that while it is 50% secure, it is also 50% vulnerable, indicating the need for more robust methods in cryptographic applications.

Mindmap

Keywords

💡Linear Congruential Generator

A Linear Congruential Generator (LCG) is an algorithm that generates a sequence of pseudo-random numbers using a linear equation. It is defined by the recurrence relation X(i+1) = (a*X(i) + b) mod m, where a, b, and m are constants, and X(0) is the seed. In the video, the LCG is explained as a method to produce random numbers efficiently for use in simulations and cryptographic algorithms.

💡Pseudo-random Numbers

Pseudo-random numbers are numbers that appear random but are generated by a deterministic process. In the video, they are discussed as a more practical alternative to true random numbers, which are difficult and expensive to produce. The LCG is a common method to generate these pseudo-random numbers.

💡Congruence

Congruence is a concept in number theory where two numbers are said to be congruent modulo a third number if they leave the same remainder when divided by that number. The video explains that this concept is crucial for understanding how the LCG works. For example, 12 is congruent to 0 mod 4 because both 12 and 0 leave the same remainder when divided by 4.

💡Seed

A seed in the context of random number generation is an initial value used to start the sequence. The video uses the example of X(0) = 73 as the starting point for generating the subsequent numbers in the LCG. The choice of seed can significantly affect the sequence of numbers produced.

💡Modulus

The modulus (denoted as mod) is a mathematical operation that finds the remainder when one number is divided by another. In the LCG formula, it is used to ensure the numbers stay within a certain range. For instance, in the example provided, calculations are performed modulo 123.

💡Cryptography

Cryptography is the practice of securing information by transforming it into an unreadable format, only to be converted back to a readable format by someone possessing the key. The video mentions cryptography as one of the applications where pseudo-random numbers generated by LCGs are utilized.

💡Recurrence Relation

A recurrence relation is an equation that recursively defines a sequence of values. Each term is defined as a function of the preceding terms. The LCG formula X(i+1) = (a*X(i) + b) mod m is an example of a linear recurrence relation, generating each new number based on the previous one.

💡Random Bit Sequence

A random bit sequence is a sequence of bits (0s and 1s) that appears random. In the video, after generating pseudo-random numbers using the LCG, these numbers are further transformed into random bit sequences using modulo 2 operations, which are useful in various cryptographic applications.

💡Stream Cipher

A stream cipher is a method of encryption where plaintext digits are combined with a pseudo-random cipher digit stream. In the video, stream ciphers are mentioned as a use case for random bit sequences, highlighting the importance of generating secure random bits.

💡Blum Blum Shub

Blum Blum Shub is a cryptographic pseudo-random number generator considered more secure than LCGs. The video briefly mentions that the next topic will cover Blum Blum Shub, indicating its relevance in producing secure random numbers for cryptographic purposes.

Highlights

Introduction to Linear Congruential Generator for generating random numbers.

Explanation of why random numbers are essential for simulations and cryptography.

Differentiation between true random numbers and pseudo random numbers due to computational feasibility.

Introduction to the concept of congruence as a foundation for the algorithm.

Definition of congruence with an example involving numbers 12 and 4.

Illustration of congruence with different numbers like 11 and 3 modulo 4.

Explanation of how congruence can be used to generate a sequence of numbers.

Description of the Linear Congruential Generator formula and its parameters m, a, b, and x0.

Example calculation using the Linear Congruential Generator with specific values for m, a, b, and x0.

Process of generating subsequent numbers in the sequence using the formula.

Discussion on the use of the generated numbers in cryptographic applications.

Generation of pseudo random numbers and their limitations in security.

Conversion of generated numbers into a bit sequence for use in cryptographic algorithms.

Analysis of the security level of the generated bit sequence and its vulnerability.

Introduction to the Blum Blum Shub pseudo random bit generator for the next video.

Summary of the Linear Congruential Generator's method and its practical applications.

Transcripts

play00:03

in this video i'll be explaining linear

play00:05

congruential generator for generating

play00:07

random numbers

play00:09

in my last video i have explained why

play00:11

random numbers are required we do

play00:13

require them for the various simulation

play00:15

processes

play00:16

and also in various cryptography

play00:18

algorithms

play00:20

so in my last video i have taken up

play00:23

random numbers which are specifically

play00:25

pseudo random numbers because it is

play00:27

difficult to generate the

play00:28

true random numbers and the experiment

play00:31

cost us a huge

play00:32

so rather than doing this we create or

play00:35

we generate the random number through

play00:37

certain computer algorithms

play00:38

and the last algorithm that i have

play00:40

talked about generating random number is

play00:42

mid square algorithm now in this linear

play00:45

congruential generating function

play00:47

i will be requiring a concept of

play00:50

congruence

play00:51

which i have explained in my number

play00:52

three videos i've added the link in the

play00:54

description

play00:55

so for an easy recall of what is

play00:57

congruence

play00:59

we can say that a is congruent to b

play01:02

modulo n whenever n

play01:05

divides a minus b so this line i will

play01:08

read it as

play01:08

n divides a minus b so for example

play01:12

i can consider here let's take 12

play01:16

and in the model i i will consider say

play01:18

for example

play01:19

4 so now i want to keep something here

play01:22

so i can say 12 is congruent to 0 mod 4

play01:25

because whenever we

play01:27

subtract these two so rather we take a

play01:29

minus b

play01:30

or b minus a it doesn't matter because

play01:32

if n divides some integer it also

play01:34

divides negation of the integer

play01:36

so if 4 divide 12 this is

play01:40

a fine congress i can also say if i have

play01:42

11 here

play01:44

11 is congruent to either minus 1

play01:47

because you can take minus 1 on this

play01:48

side

play01:49

and so this will become mod 4

play01:53

so here you can say 4 divide 11

play01:56

minus of minus 1 that is 12. in that

play01:58

case also this congress is true

play01:59

or i can also say that 11 this is

play02:02

congruent to

play02:03

3 mod 4 so because 11

play02:06

minus 3 this is 8 and 4 divides 8.

play02:09

now so this doesn't give us a unique

play02:11

answer but yeah in case we want a

play02:13

positive integer here so this would be

play02:15

considered as a remainder whenever we

play02:17

divide

play02:18

this 4 by 11. so in that case you may

play02:21

consider this as a unique

play02:22

but we can also see a relation between

play02:25

these two integer

play02:26

and here we can see that minus 1 is also

play02:29

congruent to 3

play02:30

either you take this minus 1 on this

play02:32

side it will become plus 1 or we take

play02:34

3 on this side it will become minus 4

play02:36

and so it is congruent to

play02:38

4. so this is the normal concept of the

play02:40

congruences

play02:41

and there are various videos associated

play02:43

with the congruences that you can look

play02:45

for the further properties

play02:46

now i'm going to use this type of

play02:48

concept to explain what is linear

play02:50

congruential generator so let m be the

play02:53

large

play02:53

integer i am just considering a large

play02:56

integers

play02:56

now for the random numbers we require

play03:00

in case you are taking a cryptographic

play03:01

application you do require the large

play03:03

number so here i'm just taking m to be

play03:05

large integers

play03:06

and choose two integers a and b

play03:09

so we selected two integers a and

play03:13

b and i select a seed which i call it as

play03:16

x naught and we defined a sequence

play03:19

which sequence is related using the

play03:21

congruence symbol so here we can take x

play03:23

i is congruent to a times x i minus 1

play03:27

plus b mod n this is something similar

play03:30

as we can generate some sort of

play03:31

recurrence relations or some sort of

play03:34

rule which allows us to if i know one

play03:36

number i can generate the other number

play03:38

so as you can see

play03:39

that we know the seed x naught and i can

play03:41

generate the next number so

play03:43

if you just fit this first seed into

play03:45

this i will get the next number

play03:47

so x1 this is congruent to a times x

play03:50

naught plus b

play03:51

times mod m and as you can see that a

play03:53

and

play03:54

b are already selected and we already

play03:56

know once we know what is x naught we

play03:58

can find what is

play03:59

x 1 and similarly i can generate x 2

play04:01

which is congruent to a

play04:02

times x 1 plus b mod m and we continue

play04:06

doing like this so it depends upon how

play04:09

many integers or how many random numbers

play04:11

do we require to

play04:12

generate now let us take an example

play04:14

corresponding to this consider this

play04:16

example and in this example i have

play04:17

selected let m is equal to 123

play04:21

and a is equal to 5 and let b is equal

play04:23

to 2 and we can choose

play04:24

any random seed as well which is x

play04:26

naught equal to 73

play04:28

and here i will use the previous formula

play04:30

we can see that x i

play04:31

this is congruent to a times x i minus 1

play04:34

plus b times mod m in fact this is more

play04:38

like a linear congruence so that is why

play04:40

the name is linear congruential method

play04:43

so if somebody is very much interested

play04:45

you can see my video on

play04:47

what is a linear congress i've added the

play04:49

link in the description

play04:51

the linear congress is something like a

play04:53

times x is congruent to b

play04:55

mod n and there we can also talk when

play04:57

this congruence is solvable or not

play04:59

so this is something similar uh the only

play05:02

difference is you can take

play05:03

this b on the other side so it becomes a

play05:05

x uh minus b

play05:07

which is congruent to 0 mod n and then

play05:10

we associate that for what value of x

play05:12

what is the result that we get here so

play05:13

in this case uh because

play05:15

i'm not associating two different

play05:17

numbers but here this is x i

play05:19

and x i plus 1. so if you just consider

play05:21

this a and

play05:22

b as fixed quantity and here we consider

play05:25

this as a variable

play05:26

so the output that we expect here is

play05:29

something which is

play05:30

maybe we call it as a random number so

play05:33

now once

play05:34

looking this as a concept of the linear

play05:36

congress extension we know what is a c

play05:38

let's try to find the random numbers x 1

play05:41

this is

play05:42

congruent to a which is 5 and the seed

play05:45

that is 73 so the first will go seed

play05:47

plus 2 time which is the value for b

play05:50

now solve this up which is congruent to

play05:52

5 into 73 that is 365

play05:55

plus 2 so this will be congruent to 367

play05:59

and here we are taking modulo with

play06:01

respect to 123

play06:02

but now you can see this 367 is larger

play06:05

than 123 so you divide

play06:07

367 by 123 whatever be the remainder

play06:11

so here you will get say if you are

play06:13

dividing a number by

play06:15

b you get some quotient plus remainder

play06:18

so now we are dividing it by 123. so

play06:20

whatever is the quotient

play06:22

so this number a is 367 and i'm going to

play06:25

get certain quotient plus the remainder

play06:27

so this means

play06:28

i'm going to replace this by the

play06:30

remainder so that

play06:32

so the remainder here is 121 so that

play06:35

when this

play06:36

remainder is brought here and subtracted

play06:38

from here 123 will divide the difference

play06:41

this is what the congress means so we

play06:43

have 123.

play06:44

now x1 is considered as 121.

play06:48

similarly let's generate x2 number which

play06:50

is 5

play06:51

into now instead of this seed which is

play06:54

73 i'm going to use the next number

play06:56

which is generated that is 121

play06:59

so we have here 121 plus 2

play07:02

and again repeat the same process i am

play07:04

going to first multiply 5 into 121

play07:07

plus 2. so we get 607 mod

play07:10

123 which is further congruent to 115

play07:14

mod 123 so you can note that if i divide

play07:18

607 by 123 the remainder that i get

play07:22

correspondingly

play07:23

is 115 so 107 minus 115 divided by 123

play07:29

is i get the output as

play07:30

4 so this means now i get this as a

play07:33

quotient this becomes my quotient

play07:35

correspondingly

play07:36

so this is least remainder and similarly

play07:39

we can generate

play07:40

x3 which is 5 into 105 the next

play07:44

seed plus 2 which is in the same format

play07:48

i am just writing now the reduced number

play07:49

that is 85 model of 123

play07:52

and then we can generate x4 which is

play07:54

congruent to 5

play07:56

into 85 plus 2 which is further

play07:59

congruent to 58

play08:00

in the reduced list mod 123. now these

play08:03

number which i have generated here

play08:06

so the initial x naught that was 73

play08:09

then we generated 121 then we generated

play08:11

115

play08:13

85 58 these are we call it as random

play08:17

number and

play08:18

in a specific notation you may call this

play08:20

as a pseudo random number

play08:22

because they are not truly random number

play08:24

we have generated these through a

play08:25

formula which is this

play08:27

so now you may use a different linear

play08:29

congruential formulas

play08:30

correspondingly once you understand the

play08:32

concept of generating numbers

play08:34

we can use a different recurrence

play08:36

relations also to generate the

play08:38

random numbers now in various situation

play08:40

we require random bit sequence instead

play08:43

of the random numbers

play08:44

so suppose that we have generated the

play08:46

random number in the same order

play08:48

i have taken x naught as 73 we got

play08:51

x 1 which is 121 and then we got

play08:55

x2 as a 115 we got

play08:58

x3 as 85 and we got x4 as

play09:02

58. so corresponding to this what we can

play09:05

do is we can further associate

play09:07

to generate the bits of the sequence

play09:09

that is 0 and once

play09:10

we can take the condition with respect

play09:12

to modulo 2.

play09:13

so if i take x naught which is 73

play09:17

and 73 is congruent to 1

play09:20

mod 2. so you can see that because 73 is

play09:23

an odd number

play09:24

so i have to so the remainder will be 1

play09:27

so to get the sequence in terms of the

play09:29

bits so if we further take this with

play09:31

respect to modulo 2.

play09:33

now in the same way if i want to

play09:35

generate with respect to x1

play09:37

this is 121 and 121 is also congruent to

play09:40

1 mod 2.

play09:41

now continue doing like this so x2 which

play09:44

is 115

play09:45

this is also congruent to 1 mod

play09:48

2 and then x3 which is 85 and 85 is

play09:53

further congruent to 1

play09:54

mod 2 and then we got x 4

play09:57

which is even that is 58 58 is congruent

play10:01

to 0

play10:01

mod 2. so had we generated certain more

play10:04

numbers in this

play10:04

row we could uh correspondingly generate

play10:07

some more numbers in this one so what

play10:09

are the random bits that we have

play10:10

generated

play10:11

so we got random bits as 1 1

play10:15

1 1 0 and continue like this sequence

play10:19

so now again uh if we want to generate

play10:22

the random numbers in the bit sequence

play10:24

because there are very

play10:25

various crypto graphic algorithms such

play10:28

as stream cipher where we do require

play10:30

zeros and one

play10:31

so you can generate the random bits in

play10:33

this order

play10:34

as well but again this is uh this is not

play10:37

very secure

play10:38

because we consider that uh if we look

play10:41

at from the attack point of view

play10:43

uh there is a possibility that the

play10:46

probability of depicting the future bits

play10:50

or the next bit

play10:51

is half so that means this method would

play10:53

be considered as 50

play10:55

secure and 50 vulnerable

play10:58

so but that's it for this particular

play11:00

method and in the next

play11:01

video i'll be talking about blum blum

play11:03

shop pseudo random bit generator

Browse More Related Video

Discrete Log Problem - Applied Cryptography

Pseudorandom Number Generator (PRNG)

Digital Signature Algorithm (DSA) - Cryptography - Practical TLS

Explained simply: How does AI create art?

#21 Python Tutorial for Beginners | For Loop in Python

ECAP268 - U01L04 - Fixed point and floating point representation

Rate This

5.0 / 5 (0 votes)

Summary
Outlines
Mindmap
Keywords
Highlights
Transcripts
Related Tags
Random NumbersPseudo-RandomSimulationCryptographyAlgorithmsLinear CongruenceModulo OperationSeed ValueRandom BitsBlum Blum