Bounds on Fixed Input/Output Length Post-processing Functions for Biased Physical Random Number Generators

  • Kyohei Suzuki
  • Tetsu Iwata
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5381)


Post-processing functions are used to reduce the imperfectness of physical random number generators. At FSE ’07, Dichtl considered the case where the physical random number generator outputs independent bits that have a constant bias, and the post-processing function has fixed input and output lengths. In this paper, we first present a number of bounds on deg(n,m), which is a measure of the reduction of biases with n-bit input and m-bit output post-processing functions. We next show the exact values of deg(n,m) for a large class of (n,m) such that 1 ≤ m ≤ n ≤ 16, by using the bounds on deg(n,m) and a computer simulation. We finally discuss how we have derived these numerical values.


physical random number generator bias post-processing entropy extractor 


  1. 1.
    Barak, B., Impagliazzo, R., Wigderson, A.: Extracting randomness using few independent sources. SIAM J. Comput. 36(4), 1095–1118 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Barak, B., Kindler, G., Shaltiel, R., Sudakov, B., Wigderson, A.: Simulating independence: New constructions of condensers, Ramsey graphs, dispersers, and extractors. In: 37th STOC, pp. 1–10 (2005)Google Scholar
  3. 3.
    Barker, E., Kelsey, J.: Recommendation for random number generation using deterministic random bit generators (revised). NIST Special Publication 800-90 (2007),
  4. 4.
    Bierbrauer, J., Gopalakrishnan, K., Stinson, D.R.: Bounds for resilient functions and orthogonal arrays. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 247–256. Springer, Heidelberg (1994)Google Scholar
  5. 5.
    Blum, M.: Independent unbiased coin flips from a correlated biased source: A finite Markov chain. Combinatorica 6(2), 97–108 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Bourgain, J.: More on the sum-product phenomenon in prime fields and its applications. International Journal of Number Theory 1, 1–32 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Chor, B., Friedman, J., Goldreich, O., Håstad, J., Rudich, S., Smolensky, R.: The bit extraction problem or t-resilient functions. In: 26th FOCS, pp. 396–407 (1985)Google Scholar
  8. 8.
    Chor, B., Goldreich, O.: Unbiased bits from sources of weak randomness and probabilistic communication complexity. SIAM J. Comput. 17(2), 230–261 (1988)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Davis, D., Ihaka, R., Fenstermacher, P.: Cryptographic randomness from air turbulence in disk drives. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 114–120. Springer, Heidelberg (1994)Google Scholar
  10. 10.
    Dichtl, M.: Bad and good ways of post-processing biased physical random numbers. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 137–152. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Grassl, M.: Code tables: Bounds on the parameters of various types of codes (2008),
  12. 12.
    Juels, A., Jakobsson, M., Shriver, E., Hillyer, B.K.: How to turn loaded dice into fair coins. IEEE Trans. Inform. Theory 46(3), 911–921 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Lacy, J.B., Mitchell, D.P., Schell, W.M.: Cryptolib: Cryptography in software. In: Proc. 4th USENIX Symposium (1993)Google Scholar
  14. 14.
    Lacharme, P.: Post-processing functions for a biased physical random number generator. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 334–342. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  16. 16.
    Nisan, N., Ta-Shma, A.: Extracting randomness: A survey and new constructions. JCSS 58(1), 148–173 (1999)MathSciNetzbMATHGoogle Scholar
  17. 17.
    Peres, Y.: Iterating von Neumann’s procedure for extracting random bits. The Annals of Statistics 20(3), 590–597 (1992)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Raz, R.: Extractors with weak random seeds. In: 37th STOC, pp. 11–20 (2005)Google Scholar
  19. 19.
    Santha, M., Vazirani, U.V.: Generating quasi-random sequences from semi-random sources. JCSS 33, 75–87 (1986)zbMATHGoogle Scholar
  20. 20.
    Schneier, B.: Applied cryptography. John Wiley & Sons, Inc., Chichester (1996)zbMATHGoogle Scholar
  21. 21.
    Shaltiel, R.: Recent developments in explicit constructions of extractors. Bulletin of the European Association for Theoretical Computer Science (EATCS), 77 (2002)Google Scholar
  22. 22.
    Shaltiel, R., Umans, C.: Simple extractors for all min-entropies and a new pseudo-random generator. JACM 52(2), 172–216 (2005)CrossRefzbMATHGoogle Scholar
  23. 23.
    Ta-Shma, A.: On extracting randomness from weak random sources. In: STOC 1996, pp. 276–285 (1996)Google Scholar
  24. 24.
    Ta-Shma, A., Umans, C., Zuckerman, D.: Loss-less condensers, unbalanced expanders, and extractors. Combinatorica 27(2), 213–240 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  25. 25.
    Ta-Shma, A., Zuckerman, D., Safra, S.: Extractors from Reed-Muller codes. JCSS 72(5), 786–812 (2006)MathSciNetzbMATHGoogle Scholar
  26. 26.
    von Neumann, J.: Various techniques used in connection with random digits. Applied Mathematics Series, U.S. National Bureau of Standards, vol. 12, pp. 36–38 (1951)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Kyohei Suzuki
    • 1
  • Tetsu Iwata
    • 1
  1. 1.Dept. of Computational Science and EngineeringNagoya UniversityNagoyaJapan

Personalised recommendations