为什么这个伪随机数发生器(LFSR)的输出是如此可预测的?[英] Why are the outputs of this pseudo random number generator (LFSR) so predictable?

本文是小编为大家收集整理的关于为什么这个伪随机数发生器(LFSR)的输出是如此可预测的?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。

问题描述

最近我在这里问,如何在硬件中生成随机数,并被告知使用LFSR.它将是随机的,但会在一定值后开始重复.

问题是生成的随机数是可以预测的,以至于可以很容易地猜测下一个值.例如,检查以下模拟:

在此处输入图像说明

可以通过将上一个数字添加给本身+1来猜测下一个"随机"数字.有人可以验证是否正常并且可以预期.

这是我用于LFSR的代码:

    module LFSR(
    input clock,
    input reset,
     output [12:0] rnd 
    );

wire feedback = rnd[12] ^ rnd[3] ^ rnd[2] ^ rnd[0]; 

reg [12:0] random;

always @ (posedge clock or posedge reset)
begin
    if (reset)
        random <= 13'hF; //An LFSR cannot have an all 0 state, thus reset to FF
    else
        random <= {random[11:0], feedback}; //shift left the xor'd every posedge clock
end

assign rnd = random;

endmodule

从这里拿起零件的位置:桌子第5页

推荐答案

lfsr仅生成一个每个时钟随机位.它不会在每个周期生成新的(在您的情况下)13位数字. rnd中的其他12位只是旧的随机值,因此它不会看起来很随机.

如果您需要13位随机数,则必须每13个周期采样LFSR,或者与不同种子并行放置13个LFSR,并将13个零位作为您的随机数.

其他推荐答案

在任何实际意义上,LFSR肯定不是"随机".引用冯·诺伊曼(von Neumann):"任何认为产生随机数字的算术方法的人当然都处于罪恶状态."我还没有查看您选择的反馈术语是否最大,这意味着它们将提供一个等于LFSR中的位数的序列,但这是您可以做的最好的.

是的,LFSR中的下一个值是极其预测的.如果您需要更牢固地"随机"的东西,则需要研究加密方法,这些方法当然取决于秘密键,并且在计算上也比LFSR更重要.但是,您"得到了要付费".

顺便说一句,您获得可预测的"随机"数字的系统本身就是非常有用的.通常用于模拟.

本文地址:https://www.itbaoku.cn/post/2091018.html

问题描述

Recently I asked here, how to generate random numbers in hardware and was told to use an LFSR. It will be random but will start repeating after a certain value.

The problem is that the random numbers generated are so predictable that the next value can be easily guessed. For example check the simulation below:

enter image description here

The next "random" number can be guessed by adding the previous number with a +1 of itself. Can someone please verify if this is normal and to be expected.

Here is the code I used for the LFSR:

    module LFSR(
    input clock,
    input reset,
     output [12:0] rnd 
    );

wire feedback = rnd[12] ^ rnd[3] ^ rnd[2] ^ rnd[0]; 

reg [12:0] random;

always @ (posedge clock or posedge reset)
begin
    if (reset)
        random <= 13'hF; //An LFSR cannot have an all 0 state, thus reset to FF
    else
        random <= {random[11:0], feedback}; //shift left the xor'd every posedge clock
end

assign rnd = random;

endmodule

The location of the bits to XOR are picked up from here: The table page 5

推荐答案

LFSR only generates one random bit per clock. It doesn't generate a new (in your case) 13-bit number each cycle. The other 12 bits in rnd are just the old random values, so it will not appear very random.

If you need a 13-bit random number, then you must either sample LFSR every 13 cycles, or put 13 LFSR in parallel with different seeds, and use the 13 zero bits as your random number.

其他推荐答案

An LFSR is most certainly not 'random' in any real sense whatsoever. To quote Von Neumann "Any one who considers arithmetical methods of producing random digits is, of course, in a state of sin." I haven't looked up whether the feedback terms you've chosen are maximal, meaning that they'll provide a sequence with a length equal to the number of bits in your LFSR, but that's the best you can do.

So yes, the next value in your LFSR is extremely predictable. If you need something more securely 'random' you need to look into cryptographic methods, these depend on a secret key of course, and are also much more computationally intensive than an LFSR. You 'get what you pay for' though.

Incidentally, a system where you get predictable 'random' numbers is highly useful in it's own right. Usually for simulation purposes.