473,326 Members | 2,023 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

Random strings of character and some stats

Hello,

I've got two random number/statistics questions I'd like you to
review. My first question is not directly related to PHP, but will be
implemented in PHP, as explained in my second question, so let's go:

I want to generate 10000 strings of x characters, with one chance (or
less) on a million that you can guess them by just randomly typing
them. So I need to know what is the value of x.

I wrote the following equation :

36^x/10000 = 1000000
<=> 36^x = 10000 * 1000000
<=> 36^x = 1010
<=> x = ln(1010)/ln(36)
<=> x = 23.025850929940456840179914546844/3.5835189384561100016249547167614
<=> x = 6.4254860446923437997173954827712

So, a 7-characters string would be good enough.

So my first question is: is my reasoning OK? Knowing my math
abilities, I doubt it very much! ;)

The second question I have is related to PHP's rand() function. I've
read many times that rand() is not random enough, especially when
generating long lists of this kind. Would you use something that's
more powerful than rand(), are there stronger random functions, within
PEAR for instance, or anything?

Thanks,
JFLac
Jul 17 '05 #1
6 2558
On 2 May 2005 13:55:18 -0700, jf********@gmail.com (Jean-Fran?ois Lacrampe)
wrote:
I've got two random number/statistics questions I'd like you to
review. My first question is not directly related to PHP, but will be
implemented in PHP, as explained in my second question, so let's go:

I want to generate 10000 strings of x characters, with one chance (or
less) on a million that you can guess them by just randomly typing
them. So I need to know what is the value of x.
I'm not 100% clear on the "them" in the sentence; are you saying you want less
than 1/1000000 chance of guessing ONE of the 10000 strings, or 1/1000000 chance
of guessing the ENTIRE SET of 10000 strings?
I wrote the following equation :

36^x/10000 = 1000000
Depends on the interpretation above. Not sure I get how the 10000 is involved
here though.
<=> 36^x = 10000 * 1000000
<=> 36^x = 1010
10000 * 1000000 = 1010 ? Is that supposed to be 10^10 ?
<=> x = ln(1010)/ln(36)
<=> x = 23.025850929940456840179914546844/3.5835189384561100016249547167614
Apparently so :-)
<=> x = 6.4254860446923437997173954827712

So, a 7-characters string would be good enough.
If you want at worst 1/1000000 chance of guessing any string, isn't the number
of strings irrelevant if they're random?

i.e. it's just

36^x > 1000000
=> x > ln(1000000)/ln(36)
=> x > 3.855

So minimum number of chars = 4.

(36^3 = 46656, 36^4 = 1679616)
The odds of guessing ALL the strings surely head well out of the 1 in 1000000
range for 10000 strings very quickly...
So my first question is: is my reasoning OK? Knowing my math
abilities, I doubt it very much! ;)

The second question I have is related to PHP's rand() function. I've
read many times that rand() is not random enough, especially when
generating long lists of this kind. Would you use something that's
more powerful than rand(), are there stronger random functions, within
PEAR for instance, or anything?


mt_rand() uses the Mersenne Twister pseudorandom algorithm, which is typically
better (and as a bonus it's faster too).

If you want to get really serious you'll need to base it on some sort of truly
physical phenomenon, e.g. with RNG hardware, which is often based on random
thermal fluctuations.

--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool
Jul 17 '05 #2

Andy Hassall wrote:
If you want at worst 1/1000000 chance of guessing any string, isn't the number of strings irrelevant if they're random?


No, because each additional string means an additional try. Think of it
this way: A person comes with a number of letters randomly and the
computer tries 10000 times to guess it.

Jul 17 '05 #3
Andy Hassall wrote:
I'm not 100% clear on the "them" in the sentence; are you saying you want less than 1/1000000 chance of guessing ONE of the 10000 strings, or 1/1000000 chance of guessing the ENTIRE SET of 10000 strings?
I meant the odds of guessing any of the 10000 strings, of course! :-)
The odds of guessing the entire set must be really, really low!
10000 * 1000000 = 1010 ? Is that supposed to be 10^10 ?
Well, I wrote the equation in another editor who was sooo happy to show
me it was able to display the 10^10 graphically. Too bad it forgot to
copy/paste it back to me with the circumflex.
If you want at worst 1/1000000 chance of guessing any string, isn't the number of strings irrelevant if they're random?
Well, keeping in mind my very 'intuitive' and weak knowledge of math,
I'd guess that the more strings you put in the list, the more chances
you have to guess one (any) of them. If for instance I had a list long
enough to contain all the possible combinations, the odds would be 1/1,
right? If you divide the list by two, the odds are 1/2. And so on.
So the number of items in the list seems to matter: that's how I came
with the 10000 * 1000000 thing (by doing lots of intermediate and
stupid steps on a sheet of paper).

I'm not sure at all that I put the 10000 where I should have in the
equation, though, hence my initial question.

Now, I'm talking about things I don't understand (math) in a language
that isn't my native language and I reckon that I'm a bit awkward at
explaining my thoughts. :-)
mt_rand() uses the Mersenne Twister pseudorandom algorithm, which is typically better (and as a bonus it's faster too).

If you want to get really serious you'll need to base it on some sort of truly physical phenomenon, e.g. with RNG hardware, which is often based on random thermal fluctuations.


I could also use a webcam on a lava lamp and produce my results using
the webcam info, but I guess I don't need that randomness. I just
wanted to know what was my best bet with what PHP can give me, with
minimal hassle. ;-)

Thanks for your answers,
JFLac

Jul 17 '05 #4
NC
Jean-Francois Lacrampe wrote:

I want to generate 10000 strings of x characters, with one chance (or
less) on a million that you can guess them by just randomly typing
them. So I need to know what is the value of x.
OK, one in a million chance of successfully guessing 10,000 strings
equals 0.9986 chance of successfully guessing a single string:

0.9986 ^ 10000 = 8.23412E-07 ~ 1E-06 (one in a million)

In other words, even if you are virtually certain to get a single
string right, it's still virtually impossible to get 10,000 of them
right. So a one-character string will suffice. In fact, even a
one-bit value (0 or 1) would be an overkill. :)
The second question I have is related to PHP's rand() function. I've
read many times that rand() is not random enough, especially when
generating long lists of this kind. Would you use something that's
more powerful than rand(), are there stronger random functions, within PEAR for instance, or anything?


Check out mt_rand():

http://www.php.net/mt_rand

Cheers,
NC

Jul 17 '05 #5
NC wrote:
Jean-Francois Lacrampe wrote:

I want to generate 10000 strings of x characters, with one chance (or less) on a million that you can guess them by just randomly typing
them. So I need to know what is the value of x.


OK, one in a million chance of successfully guessing 10,000 strings
equals 0.9986 chance of successfully guessing a single string:

0.9986 ^ 10000 = 8.23412E-07 ~ 1E-06 (one in a million)


As I said in another branch of the thread, I wasn't clear enough: I
meant 'one chance (or less) on a million that you can guess _any_ of
them'.

Anyway... Here's the code I wrote to generate my 10000 strings, just in
case it's useful to somebody browsing the archives, someday. The
random function is pretty much the same as the one you see on every php
tutorial, but it uses mt_rand() instead of rand() as many of you have
advised me. and I wrote a (very inefficient) dupe checker.
Optimizations and ideas are welcome, but that's just for the fun of it:
I'll generate these strings just once, so it doesn't matter if it takes
one full minute, it will only be ran once. :-)

<?php
set_time_limit (600); // We need this because of the time-consuming
// in_array()
$values = array();
function random_string() {
$allowed_chars = "0123456789AZERTYUIOPQSDFGHJKLMWXCVBN";
mt_srand((double)microtime()*1000000);
$string = 'A'; // I put a control char at the start of my
// password just in case I want to generate
// a second, third,... series in the future.
for($i = 0 ;$i <= 6; $i++) {
$position = mt_rand()%36;
$temp = substr($allowed_chars, $position, 1);
$string .= $temp;
}
return $string;
}

// The odds are low, but it's possible that the same string
// is generated twice. So I check if each new string found
// isn't in the previous string found in the array, but it
// slows down the script, which is not a problem in my
// case, but I welcome optimizations ideas.

// If a dupe is detected, I just decrement $i, which forces
// the loop to loop once more for this value of $i.

for ($i = 1 ; $i <= 10000; $i++) {
if (!in_array($string,$values)) {
$values[$i] = random_string();
} else {
$i--;
}
}
echo '<pre>';
print_r ($values);
echo '</pre>';
?>

JFLac

Jul 17 '05 #6
On 3 May 2005 03:44:19 -0700, "Jean-François Lacrampe" <jf********@gmail.com>
wrote:
Well, keeping in mind my very 'intuitive' and weak knowledge of math,
I'd guess that the more strings you put in the list, the more chances
you have to guess one (any) of them. If for instance I had a list long
enough to contain all the possible combinations, the odds would be 1/1,
right? If you divide the list by two, the odds are 1/2. And so on.
So the number of items in the list seems to matter: that's how I came
with the 10000 * 1000000 thing (by doing lots of intermediate and
stupid steps on a sheet of paper).


Ah, yes of course. OK, I agree with your maths, looks right.

--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool
Jul 17 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

21
by: Andreas Lobinger | last post by:
Aloha, i wanted to ask another problem, but as i started to build an example... How to generate (memory and time)-efficient a string containing random characters? I have never worked with...
16
by: Paul Prescod | last post by:
I skimmed the tutorial and something alarmed me. "Strings are a powerful data type in Prothon. Unlike many languages, they can be of unlimited size (constrained only by memory size) and can hold...
14
by: Miranda | last post by:
Hi, I have a ASP/vbscript program that generates random passwords. The problem is I need to insert those passwords into an Access database of 327 clients. I have the random password program...
7
by: eric.gagnon | last post by:
In a program randomly generating 10 000 000 alphanumeric codes of 16 characters in length (Ex.: "ZAZAZAZAZAZAZ156"), what would be an efficient way to ensure that I do not generate duplicates? ...
14
by: avanti | last post by:
Hi, I need to generate random alphanumeric password strings for the users in my application using Javascript. Are there any links that will have pointers on the same? Thanks, Avanti
9
by: Robert Mago | last post by:
Is there a way to create a 10 characthers or less, alph-numeric string which is unique. I can't use the guid since its longer then 10 characthers. Also i cannot use a random number, since being...
38
by: Andrea | last post by:
Hi, Anyone could me suggest how to create a function that generates a random string? The function should be: int _RandomString(char** str,int len); so, it takes an empty string str and it puts...
22
by: Ivan Voras | last post by:
Hi, I have a list of items, and need to choose several elements from it, "almost random". The catch is that the elements from the beginning should have more chance of being selected than those...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.