back to article Randomness is a lottery, so why not use a lottery for randomness?

A group of French cryptographers reckons public lotteries are the perfect seed for elliptic curve cryptography. The group from company CryptoExperts and boffins from the Laboratoire de Mathematiques de Versailles in the University of Paris-Saclay playfully calls the scheme the “Million Dollar Curve” (modest in a world where …

  1. Anonymous Coward

    Thank you Richard!

    Much appreciated here.

  2. Smooth Newt Silver badge


    The problem with the NSA's DUAL EC DRBG isn't that it is a bad random number generator. It is that the bad guys know what the random numbers are.

    Here's a random number 3458127. Why not just use that as the seed for all pseudo-random number generator algorithms everywhere? It's public and random, so should be secure...

    1. Benchops

      Re: 3458127

      1. Dr. Mouse Silver badge

        Re: 3458127

        @Benchops you got there before me, have an upvote sir.

  3. AMBxx Silver badge

    It's all nonsense!!!

    I have a secret, passworded, encrypted spreadsheet containing all the numbers drawn on the UK lottery since it began. This helps me identify which numbers have been picked the least. They're most likely to come up next.

    I'm going to be a millionaire once nurse lets me out.

    1. DropBear

      Re: It's all nonsense!!!

      Laugh all you want, but simultaneously both knowing with certainty that the Gambler's fallacy is indeed a fallacy AND being absolutely convinced that in spite of that it so totally works at the same time is no easy fate. So hey - is the nurse at least cute...?

      1. AMBxx Silver badge

        Re: It's all nonsense!!!

        Did you get the copy I sent?

    2. Herbert Meyer

      Re: It's all nonsense!!!

      You could become rich by selling the spreadsheet to the bigger suckers out there.

    3. inmypjs Silver badge

      Re: It's all nonsense!!!

      "once nurse lets me out"

      Picking numbers that have been used the least will give you a higher chance of not having to share a jackpot (apart from with all the other people that are doing it).

      1. AMBxx Silver badge

        Picking numbers that have been used the least

        Another approach is to only select numbers over 31 - that way you avoid clashing with all the people who pick birthday dates.

  4. S.M



    1. Hugh Pumphrey

      Re: BlumBlum-Shub?

      Surprisingly, yes, really. Google it and you get lots of hits about random number generators and none (on the first page) about porn.

    2. Arthur the cat Silver badge

      Re: BlumBlum-Shub?

      More usually Blum Blum Shub (with or without hyphens).

      Or for Lovecraft fans, Blum Blum Shub Niggurath which only seems like it's random because you've been driven mad with terror.

  5. Zog_but_not_the_first

    Is this...

    ... the voice of the balls?

  6. This post has been deleted by its author

    1. The Boojum

      Re: that public lotteries [are] hard to manipulate.

      Have a read of the following: absolutely fascinating.

    2. allthecoolshortnamesweretaken

      Re: that public lotteries [are] hard to manipulate.

      The type of lottery like the one the picture* illustrating the article shows a ticket of are hard to manipulate. Because the winning number is generated live on the spot.

      Stuff like the scratch cards (and any other lottery using predetermined winning numbers) leave far more room for manipulation, especially in the preventing of payouts.

      Historic trivia time: New York gangster Dutch Schulz used to run a numbers game, aka an illegal lottery. Winning numbers and the amount of the winnings (this is the clever bit) were based on the results and quotas of horse races on a regular racetrack. This was in the 1920ies/1930ies - decades before pocket calculators or laptops or smartphones. So (the possibility of the race itself being fixed) the punters in the illegal lottery believed numbers were not manipulated by the mobsters running it - anyone could get the results and winning quotas from the horse races and check them. However, Schulz employed a guy who was some sort of savant and could do numbers in is head like a computer. He used that guys calculations to change the quotas on the racetrack by placing bets himself, thereby lowering the payouts from his own numbers racket.

      *Why a German lottery ticket?

      1. Hud Dunlap
        Thumb Up

        Re: that public lotteries [are] hard to manipulate.

        You beat me to it.

      2. Mephistro Silver badge
        Thumb Up

        Re: that public lotteries [are] hard to manipulate.

        Two weeks ago I watched (on Youtube) an episode of the American TV series "The Untouchables" that depicted these illegal lotteries. The episode is from 1959, but I found it surprisingly nice to watch. And the guest star was a youngish Peter Falk, showing most of the mannerisms he later displayed in "Columbo".


  7. Hud Dunlap

    The numbers racket is better

    The people who run the numbers rackets used to use, -and may still use= the last four digits of the volume of the NYSE. Completely random and easily verifiable.

    1. Anonymous Coward
      Anonymous Coward

      Re: The numbers racket is better

      If you want random sources, I'm sure there is some data you can get somewhere about solar activity levels that would be exceedingly random and impossible for anyone to influence. Well they can't influence the sun, but I guess you'd need to get this data from multiple sources, like say observatories in the US, Russia and China. That would be required to overcome the possibility of someone hacking the site you were getting your numbers from to replace the 'true' solar activity level numbers. If you have your own solar observatory like some universities do, this is less of a concern.

      The problem with any 'public' sources like that is that someone can figure out what your "random" number was. If you use that alone (without mixing it with any 'hidden' sources others won't have access to) then it is very bad if you are e.g. using that as the 'random' input to generate encryption keys.

  8. SoloSK71

    Lacking a job in libraryspace

    I want to work in cryptography and tell people something like "I work with BlumBlum-Shub equations"

  9. JeffyPoooh


    "RANDOM.ORG offers true random numbers to anyone on the Internet. The randomness comes from atmospheric noise..."

    But (as already mentioned) you need to keep your random number a secret. Lotteries don't do that.

    PS: RANDOM.ORG at least uses 'https', in case the 's' helps a bit.

  10. Anonymous Coward
    Anonymous Coward

    The usual solution

    Usually when an algorithm needs some arbitrary/random parameters the cryptographers prescribe the first n primes or digits from pi or something like that. I don't see why lottery numbers would be an improvement over that. Yes, lottery results are hard to manipulate, but they're still easier to manipulate than the value of pi.

  11. Mephistro Silver badge

    Why not use dice instead?

    A list of numbers generated by a ten sided dice is as random as it gets. In my opinion, using numbers from a public source just makes it orders of magnitude easier for the baddies to discover the seed and break the crypto, doesn't it?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020