rand() ^ rand() 的熵显着降低了多少?
假设一个与语言无关的设置,其中 rand() 函数具有完美的实现,并返回一个非常大(比方说 128 位)、强随机无符号整数,我应该有相当低的机会获得考虑到RNG的时期,两次相同的数字将是一个天文数字。
a = rand(); // very very low chances of getting twice the same number
但是,如果我对两个这样的随机整数进行异或,输出的熵会显着降低吗?换句话说,
def xorRand(): return rand() ^ rand();
与我假设的单独的 rand() 相比,这样的函数返回两倍相同数字的机会有多糟糕?
Assuming a language-agnostic setup in which the rand() function has a flawless implementation and returns a very large (let's say 128 bits), strong random unsigned integer, I should have fairly low chances of getting the same number twice considering the period of the RNG would be astronomically huge.
a = rand(); // very very low chances of getting twice the same number
However, if I XOR two such random integers, how significantly is the entropy of the oputput decreased? In other words, how worse are the chances that such a function:
def xorRand(): return rand() ^ rand();
returns twice the same number, compared to my hypothetical rand() alone?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
假设您有一个 1 位 PRNG。可能的结果是:
所以在我看来似乎没有什么区别。
Suppose you had a 1-bit PRNG. The possible outcomes are:
So it looks to me as if it makes no difference.
如果
rand()函数如您所说是一个很好的实现,那么使用rand()或xorRand()之间没有区别,除了后者需要两倍的时间。如果使用了所有 128 个输出位,
rand()将以相同的概率返回每个数字,因此它将有机会 1:2**128 返回与之前相同的数字。 xorRand() 也是如此,因为 XOR 函数是“对称”的,并且为两个均匀分布的输入返回均匀分布的输出。仅当您使用错误的
rand()实现或使用不同的“不对称”运算符(如 AND)时,这种情况才会改变。请注意,对于不良的
rand()实现,使用xorRand()通常甚至会提高熵,我认为rand()< /code> 交替返回一个好的随机数和 0。顺便说一句,如果你想防止你的随机函数生成相同的数字两次,你可以自己做,例如使用 shuffle 算法。有很多关于此问题的问题和答案(例如 这个)。
If the
rand()function is a good implementation as you said, there's no difference between usingrand()orxorRand()except that the latter takes twice the time.If all of the 128 output bits are used,
rand()will return each number with the same probability, so it will have chance 1:2**128 to return the same number as before. Same forxorRand(), as the XOR function is "symmetric" and returns equally distributed outputs for two equally distributed inputs.This will only change if you either use a bad
rand()implementation or a different "assymetric" operator like AND.Note that using
xorRand()often will even improve entropy for badrand()implementations, f.e. think of arand()that alternately returns a good random number and 0.By the way, if you want to prevent your random function to generate the same number twice, do it yourself, f.e. by using a shuffle algorithm. There are many SO questions and answers that deal with this (like this one).