Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Project Development
Re: Transparent Random Number "Generation"
by
lulzplzkthx
on 18/06/2011, 22:19:00 UTC
Quote from: bitlotto on June 18, 2011, 05:42:38 PM
Interesting. The problem is NO MATTER WHAT, people don't trust computers for truly random numbers. Even if it truly is. They'll think your computer is defective. Hacked or somehow altered after the fact. For small lotteries your method is fine. For bigger ones I don't think you'll find any lottery worth a lot of money using computers for the numbers. They all use some type of balls in a dome or some type of physical device. People trust those. They understand it better why you can't manipulate it. Computer randomness is beyond most people. Since they don't get it, they don't trust it. That's pretty much why I eventually just decided to use "real world" lottery numbers into mine. WAY easier to explain why it's impossible to manipulate the outcome.
Random.org does not use pure computer randomization functions:
RANDOM.ORG offers true random numbers to anyone on the Internet. The randomness comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs. People use RANDOM.ORG for holding drawings, lotteries and sweepstakes, to drive games and gambling sites, for scientific applications and for art and music.

However, your argument is enough to dispel the mt_rand() argument (which is, of course, MUCH better than rand(). I created a gist on GitHub awhile ago to display the differences [note there isn't a big difference on Linux]: https://gist.github.com/1011023).

Quote from: CAFxX on June 18, 2011, 06:24:20 PM
Since we're talking bitcoin, then the most sensible way would be
- Take the N last confirmed blocks at time of extraction
- Hash them
- Sign hash with private key
- Treat the signed hash as a huge random integer - extract from it the random number(s) needed for your lottery.
- Anyone can verify that you haven't made it up by verifying the signed hash (using your public key) against the hash of the well-known last N confirmed blocks at time of extraction
- Profit!
This does not only need to be used for Bitcoin. This is useful in any number of scenarios with users who don't want to trust the owner of the website for their "randomization".