This action might not be possible to undo. Are you sure you want to continue?

# The Birthday paradox

Operational Research and Optimization (Master EEJSI) Teacher Coordinator : Prof. Emil Simion

Erika Batista - batista.erika@gmail.com Gaël Canal - g.canal@lgpse.com Karim Ziadeh - karim.ziadeh@gmail.com December 2012

Table of contents

I. Introduction ..................................................................................................... 3 II. The Birthday Paradox .....................................................................................4 A. Explanation .................................................................................................4 B. Estimating the probability .......................................................................... 5 C. Birthday paradox vs. Same day probability ................................................ 7 III. The Birthday Paradox in Cryptography ....................................................... 8 A. What is the probability of having a conflict? ..............................................9 B. Practical uses ............................................................................................. 10 1) Hash........................................................................................................ 10 2) MAC (Message Authentication Code) ................................................... 10 IV. Other applications ....................................................................................... 12 A. The pseudo random number generator (PRNG) application ................... 12 B. Applications of the birthday paradox in communication networks ......... 14 V. Reality check ................................................................................................. 15 A. Challenging the hypothesis of uniformity................................................. 15 B. Description of the experimental data ....................................................... 15 C. Experimental process ................................................................................ 16 D. Preparation................................................................................................ 16 E. Experimental results ................................................................................. 18 1) Sample of 10 dates.................................................................................. 18 2) Sample of 23 dates ................................................................................. 18 3) Sample of 30 dates ................................................................................. 19 F. Numerical results....................................................................................... 19 G. Observations.............................................................................................. 19 H. Explanation of the results ........................................................................ 20 1) General distribution of births ............................................................... 20 2) Distribution of experimental data ........................................................ 20 I. Lessons learned .......................................................................................... 21 VI. Conclusion ...................................................................................................22 VII. Annex ......................................................................................................... 24 VIII. Bibliography .............................................................................................. 25

!"#$%&'()*'#'&+,-).+/.01$)'/&)#0'234+#2&)'112".'$"+/5) Operational Research and Optimization (Master EEJSI))

I. Introduction

This paper will study in detail the problem known in probability theory as the Birthday Paradox (or the Birthday problem), as well as its implications and different related aspects we consider relevant. The present study will treat the following topics: ! Definition of the problem ! Concrete check tests of the B-day paradox ! Survey / describe / explain / simulate real life applications of the B-day paradox o In cryptography (hash algorithm) o When unique identifiers are needed o In communication networks o In pseudo-random number generator The purpose of this paper is thus to give the reader a general overview of the general aspects and applications of the Birthday Paradox.

6)

**II. The Birthday Paradox
**

A. Explanation

In order to comprehend this problem, we will start by asking a simple question: in a room of 23 random people, what are the chances of two people sharing the same birthday? The birthday problem concerns the probability that in a set of n random people, two of them will share the same birthday. It belongs in the field of probability theory and is also known as the birthday paradox, not because the answer is illogical, but because most people underestimate this probability thus perceiving it as a paradox. In fact, most people wrongly expect probabilities to be linear, because they only take into account the scenarios that they’re involved in. That means they instinctively consider the probability that someone shares a birthday with them, while in this case the question is clearly about any two people in the room. The answer to our question from the first paragraph is actually 50% (which we will later demonstrate with the mathematical calculations). In a room of 23 people there is a 50% chance that two people will share the same birthday, but as we said most people would underestimate this number thus creating a seemingly paradoxical situation. Another element that comes into play is the pigeonhole principle. It states that “if n + 1 objects are put into n boxes, then at least one box contains two or more objects”1. For instance, if there are 13 people in a room, at least two of them will have their birthday on the same month. According to this logic, the probability of two people having the same birthday would reach 100% when there are 367 people in a room (if we consider February 29), since there are 366 possible birth dates. However, this logic is faulty, since we actually have near 100% probability with far less people, as we will further demonstrate. ) ))))))))))))))))))))))))))))))))))))))))))))))))))))))))

“The Pigeonhole Principle”, The Hong Kong University of Science and Technology, Department of Mathematics. Source: http://www.math.ust.hk/~mabfchen/Math391I/Pigeonhole.pdf (Last visited: December 8th, 2012)

1

**B. Estimating the probability
**

The problem: finding the probability of two people sharing a birthday in a room of 23 people. In order to simplify this problem, and for the sake of the applications at hand, we will make the following assumptions: ! No leap years (no February 29) ! All dates are equally likely (no variations in the distribution)2 One simple way to calculate this probability is by approximating through exponentiation. First of all, the probability of two people sharing the same birthday P(A) could be much more complicated to calculate than the likelihood of two people not having the same birthday P(A’), which is why we will proceed to calculate the latter. A and A’ are the only two possible outcomes (either these people share a birthday or they don’t), therefore 1 ! P(A’) = P(A). In a group of 23 people, using the combinations formula where n is the number of people in the room (in this case 23), and k is the number of elements in the subset, in this case 2, we have 253 pairs:

In order to calculate P’, that is the probability of no two people sharing a birthday; we will examine the first two persons. If there are only two people in the room, the first can have any birthday (365/365 possibilities), but the second must have been born on one of the remaining 364 days. Therefore, the probability of those two persons not having the same birthday can be calculated and expressed as follows:

))))))))))))))))))))))))))))))))))))))))))))))))))))))))

There are several studies that demonstrate that the distribution of birthdays throughout the year is not homogeneous. See: Eric Weinstein’s World of Astronomy. Source: http://scienceworld.wolfram.com/astronomy/LeapDay.html (Last visited: December 8th, 2012); “An Analysis of the Distributions of Birthdays in a Calendar Year”, MURPHY, Roy. Source: http://www.panix.com/~murphy/bday.html (Last visited: December 8th, 2012); “Birthday distribution”, David Gleich’s Notebook. Standford University, 2010. Source: http://www.stanford.edu/~dgleich/notebook/2009/04/birthday_distribution.html (Last visited: December 8th, 2012); “Infographic Illustrates Most Common Birthdays, Baby-Making Days”. ZIMMERMAN, Neetzan. Gawker, 2012. Source: http://gawker.com/5910778/infographic-illustrates-most-common-birthdaysbaby+making-days (Last visited: December 8th, 2012).

2

In order to determine the probability in a room of n people, in this case 23, we then assume that these events are independent from each other and we multiply their probability together C(n,2) times in order to obtain an approximation of the probability. Therefore:

So if

, that means:

The probability that two people share a birthday in a room of 23 people is thus 50% according to this approximation. Now for a method slightly longer, but perhaps more accurate: We’re still calculating P(A’), no one shares a birthday, in order to get to P(A). We keep the same group of 23 people, and because we consider these to be independent events, P(A’) can be obtained through P(1) x P(2) x P(3) x P(4) x … P(n), where n is 23. We can express each event as the given person not sharing their birthday with anyone else. So if we analyze person per person, starting by Person 1 like we did on the first calculations, since there are no previously analyzed people there is 100% chance or 1 probability that no one will share a birthday. Person 2, must be born in one of the remaining 364 days, or a probability of 364/365. As it follows, Person 3 should be born in the remaining 363 days, because he or she can’t share a birthday with Person 1 or 2, an event which has a probability of 363/365, and so on. We do the same analysis for each of the following people, until the probability for Person n not sharing birthday with anyone which is , in this case P(23) = 343/365.

P(A') is equal to the product of these individual probabilities:

Or

Which could also be expressed as follows:

The equation above gives us the following result: P(A') = 0.492703 Therefore, P(A) = 1 ! 0.492703 = 0.507297 (50.7297%) We have thus demonstrated that with only 23 people in a room we can reach the 50% probability threshold that two of them will share a birthday.

**C. Birthday paradox vs. Same day probability
**

As we mentioned above, the reason why most people underestimate the probability of two people sharing the same birthday in a room of n people is because they unconsciously contemplate only the probability of someone else in that room having the same birthday as them. We will now proceed to estimate this probability = q(A).

We end up with a probability of a bit more than 6%. In order to have a probability greater than 50%, we would need to have at least 253 people in the room. Note that 253 is considerably more than half of the days in the year, but given the fact that other people could share birthdays this decreases the chance of sharing a birthday with you. The following chart illustrates the stark difference between the probabilities we just compared:

Birthday Problem vs Same day probability

)

**III. The Birthday Paradox in Cryptography
**

The Birthday paradox exists in many different situations. In the present chapter we are going to talk about its occurrence in Cryptography. Cryptography is known as the art of protecting information by transforming it into an unreadable format. Computing-wise, hashing in cryptography is a oneway operation that transforms a stream of data into a more compressed form called a message digest. All of the message digests or hash values generated by a given hash function have the same size regardless of the size of the input value. Cryptographic hash functions are therefore a valuable tool in cryptography. They are applied in numerous areas of information security to guarantee the authenticity of messages. A hash function H is a transformation that takes a variable-size input m and returns a fixed-size output, which is called the hash value h (that is, h = H(m)). The basic requirements for a cryptographic hash function are: • The input can be of any length, • The output has a fixed length, • H(x) is relatively easy to compute for any given x Hypothetically, there are no collisions in Hash functions, while the birthday paradox contradicts that. In fact, it is computationally possible to find any two messages x and y such that H(x) = H(y), even when using a “strongly collisionfree hash function”. A problem would surely occur when finding a collision in some type of cryptographic hash function.

**A. What is the probability of having a conflict?
**

The General Birthday paradox case, as we have seen before, analyses the probability that two people in a room have the same birthday:

> " for n = 23 Now if we take a hash function H, with n possible outputs and a known hash value H(x), If H is applied to k random inputs, then what is the smallest k such that the probability of having at least one input y from the set k satisfying H(y) = H(x) is 0.5? • If k = 1, then the probability of having at least one input y from k such that H(y) = H(x) = . On the other hand, the probability of having at least one input y from k such that H(y) #H(x) = • If k > 1 random inputs are generated, then the chances that none of them satisfies H(y) = H(x) is equal to the product of the probability that each of them satisfies H(y) # H(x) and it is equal to: K times Thus, the probability of having at least one match can be approximated to:

This is the main reason why the size of the hash value of modern hash functions is required to be large enough to make a birthday attack computationally infeasible.

B. Practical uses

1) Hash If hash values have n bits, it should take 2n tries to find a key mapping to a given hash value, and tries to find two keys that map to some common hash value. Therefore the one-way function is considered broken.

2) MAC (Message Authentication Code) MAC is a short piece of information or a security code that is typed in by a computer user in order to access accounts or portals. Just like hash, MAC functions possess different security requirements. This is how we compute an authentication tag: Message authentication: tag = MAC(key, M) Sender sends (M, tag) Receiver verifies that tag matches M Authentication with HMAC: tag=H(key | M) subject to extension attacks tag=H(M | key) relies on collision resistance HMAC: Compute tag = H(key | H(key | M)) M $ (key|M) looks random when key is secret

There are collisions, but it is barely affected by them.

**IV. Other applications
**

In substance, the birthday paradox shows that it is much easier to find a collision when both elements of the pair are not fixed. This is true when assuming an homogeneous probability distribution of the outcomes, but it also stands true for non-homogeneous distributions: actually, when the target distribution is not random, the collision hazard is even greater than in the case of pure randomness. These properties can be used beneficially in various types of instances: 3 It can help to estimate the true randomness of data: the more the probability of collisions converges to the theoretical limit, the more it is close to a homogeneous distribution and thus the more it is random. It can help to optimize the chance of collision in the case of homogeneously distributed outcomes, be it desirable (communication networks) or less desirable events (hash collisions).

3

**A. The pseudo random number generator (PRNG) application
**

PRNG are used in a variety of computer-based applications to circumvent the limits of true random number generators. Although true random number generator can be (and are) conceived, they have to respect a number of requirements in order to achieve their goal. This makes them suboptimal for applications that require a high amount of random data. PRNG are thus bridging the gap to fulfill this need by providing a reasonably random suite of numbers, while maintaining a good rate of (pseudo-) randomness availability. Also, they are used when large and « reproducible » random data is required – such as in symmetric key cryptography applications. Usually, PRNG take the form of a function, which is initialized with a true random value (the seed3) and then produces data by iterating indefinitely. Depending on the target applications, one could select a very fast function, or very secure (close to random) function and seed. ))))))))))))))))))))))))))))))))))))))))))))))))))))))))

The size (in bits) of the seed does influence the period of the generated data. Depending on the associated function, if the seed is n bits large, the period is at best -1

3

For secure applications, one would select a PRNG that has the widest possible period and the most uniform distribution for any possible seed. The birthday paradox can help checking the randomness of the PRNG: if the chances to find a collision between two values converge to the theoretical values then the distribution is uniform, which makes it a near-true random. Also, the birthday paradox can be used to attack weak implementations of PRNGs. An example of this problem is the DNS-cache poisoning attack which relies on various weaknesses of DNS servers implementations among which the PRNG used for the generation of a 16 bits « security » value meant to authenticate an authoritative answer.4 Coupled with deterministic UDP port allocation, this weak 16bits PRNG is a good example of target for a birthday attack: no connection (UDP), guessable answer port – one attacker would only have to use as little as 300 tries to get 50% chance of a matching guess, and 500 to get nearly 100%.

))))))))))))))))))))))))))))))))))))))))))))))))))))))))

“Domain Name Servers’ Pseudo-Random Number Generators and DNS Cache Poisoning Attack” SZMIT et al. Source: http://maciej.szmit.info/documents/szmit_tomaszewski_szmit_DNS_ebook.pdf (Last visited: December 8th, 2012).

4

**B. Applications of the birthday paradox in communication networks
**

This use of the birthday paradox is interesting, because it takes advantage of the predictable risk of collision to achieve certain goals.5 One of them is to optimize the power consumption of communicating nodes of a wireless sensor network: the idea here is to optimize the duration and frequency of wake-up time of the transmission stages to minimize power consumption (or alternatively to maximize network lifetime), while maintaining a good probability of meet-up events in order for the nodes to be kept up-to-date (whether it is for transmitting or receiving data), all this without a synchronization clock readily available (because that would require power, reliable transmission media, etc.). The birthday paradox, in this case, is used as a statistically reliable mean to guarantee that two unsynchronized devices can find a suitable communication slot, while preserving power. The general idea is to divide a period T into n fixed length intervals amongst which the nodes will choose m intervals where they will go into idle (listening) mode, whereas for the n-m other they will go into sleep (low energy consumption) mode. The birthday paradox will quickly give a good probability of finding matching slots, and since the sleep mode consumes nearly no energy, the saved power is roughly the ratio , giving a straightforward linear relationship. It is then only a matter of deciding the level of guarantee needed for the given network, as well as the objectives in terms of power savings. The probabilistic calculus shows, as one could expect that: 3 the smaller m, the more energy is saved

A few examples: “An Efficient Continuous Neighbour Discovery in Asynchronous Sensor Networks”. RAMAKRISHNA, Siva and BHAVANI, Ganga. International Journal of Computer Application, Issue 2, Volume 1, February 2012. Available: http://rspublication.com/ijca/feb-12/21.pdf (Last visited: December 8th, 2012); “Definitions of Managed Objects for Asymmetric Digital Subscriber Line 2 (ADSL2)”. The Internet Society (2006). Source: http://www.ietf.org/rfc/rfc4429.txt (Last visited: December 8th, 2012); http://monarch.cs.rice.edu/~santa/research/powermode/powermode.pdf

5

))))))))))))))))))))))))))))))))))))))))))))))))))))))))

3 3

the bigger m/n the more probable the meet up events are the smaller n, the less time is necessary before a first match.

Thus, in this case, the algorithm takes advantages of the birthday paradox by randomly generating a local sleep/idle map, with carefully chosen n and m values, to offer a good statistical guarantee of a matching non-sleep state between communicating nodes. This is then used in conjunction with the SIM (Sleep indication map) received from the network to generate a SIT (Sleep indication table) that will then be used to select the communication slots (the matching non sleep state) The used algorithm then takes care of handling the special cases (e.g.: if no matching slot found, transmit immediately).

)

V. Reality check

A. Challenging the hypothesis of uniformity

As previously mentioned, for the sake of simplicity, the Birthday Paradox equations make the assumption that the probability of the 365 possible year’s dates is uniformly distributed, and simply ignore the 29 February exception. With this in mind, and provided one would use a true random generator to create a sample space (thereby respecting the uniform distribution), he would find a perfect match between experimentation and theory. However, can we safely assume the uniform distribution of the probabilities? What would be the consequences otherwise?

**B. Description of the experimental data
**

In order to check this, we had to find a source of real dates. The genealogy tree of one of us conveniently provided a list of 6227 birthdates and 4883 death dates. Interestingly, no occurrence of the 04/29 was found in the birthdates list, whereas 3 were found in the death dates.6

))))))))))))))))))))))))))))))))))))))))))))))))))))))))

Of course, there is no statistical conclusion to be deduced from this, but the birthdates list matches the theory assumption n°2, thus leaving only the assumption n°1 as a variable.

6

C. Experimental process

Our approach was to divide a given list (birth or death) into smaller sets of 10, 23, and 30, then to apply the binomial model to find the converging value (the selected value has to leave a reasonable number of experiments to find the convergence with an acceptable error margin). In this model, the event we are looking for is the event of having at least one matching pair within the sample. It is given the value 1.

D. Preparation

The original data source was first prepared according to our needs (flat files with each line containing a day+month date) The program below, written in python, does the calculations and graph operations: 3 While it is possible to read a sample of n dates from the file, o Check if the sample has duplicates, and increment total of events if yes o Calculate and store mean(n) and sigma(n) in an array Draw the graph (red dots for the mean, blue line for sigma, green line for the expected value, legend…) for the expected value, legend..)

3 3

import matplotlib.pyplot as plt import numpy as np import matplotlib.mlab as mlab import pylab as pl import collections as col def stdDev(X): mean = sum(X)/float(len(X)) tot = 0 for x in X: tot+=(x-mean)**2 return (tot/float(len(X)))**0.5 def hasDup(X): dic = {} # print "=============================" for y in X: if (y in dic): # print " + " + str(y) return 1 dic[y]=1 # print "-" + str(y) return 0 def graph(datafile,sample_len): source = [] source = np.loadtxt(datafile)

xAxis = [] ratios= [] means = [] sigmas = [] data = [] total = 0; # create 23-uple arrays data = [source[i:i+sample_len] for i in range(0, len(source), sample_len)] # print data[0] # print len(data) for num_sample in range(0,len(data)): xAxis.append(num_sample) sample = data[num_sample] # outcome = 1 if matching birthdays exist, else 0 result = hasDup(sample) ratios.append(total/float(1+num_sample-total)) total += result mean = total / float(num_sample+1) means.append(mean) sigma = stdDev(ratios) sigmas.append(sigma) print sum(means)/float(len(means)) print sum(sigmas)/float(len(sigmas)) plt.figure() p1, = plt.plot(xAxis, means,"ro") p2, = plt.plot(xAxis,sigmas) plt.title(datafile + " - " + str(num_sample) + " samples of "+str(sample_len)+" dates") plt.xlabel("sample") plt.ylim(0,1); plt.legend([p1,p2],["mean","sigma"],'best',numpoints=1) plt.ylabel("%") # plt.semilogx() # plt.semilogy() graph("naissances_2.txt",10) graph("deces_2.txt",10) graph("naissances_2.txt",23) graph("deces_2.txt",23) graph("naissances_2.txt",30) graph("deces_2.txt",30) graph("mariage_2.txt",23) plt.show()

E. Experimental results

Graphical results (the green line represents the theoretical limit): 1) Sample of 10 dates

2) Sample of 23 dates

3) Sample of 30 dates

F. Numerical results

File Birth Death Birth Death Birth Death Size of samples 10 10 23 23 30 30 # of samples 622 488 270 212 207 162 Experimental Mean 22,76% 16,32% 67,79% 57,75% 81,91% 83,50% Theoretical 11,7% 11,7% 50,7% 50,7% 70,6% 70,6% Experimental Sigma 0.0499416788462 0.0469627974932 0.827653217839 0.29933503001 1.23287674973 2.89535314161

G. Observations

At first glance, one can easily see that the calculated means are: 3 significantly above the theoretical values in each situation 3 relatively in the same order of magnitude than the theoretical ones. The number of samples is decreasing as their size grows, since we have a fixed set of dates, and this affects the quality of the convergence in the latter sets. Also, the death dates values appear to be closer to the expected values than the birth dates, although in the last experiment the reverse is true (but this could be due to the relatively small number of tries)

**H. Explanation of the results
**

What could explain the gap between theoretical results and experimental ones? 1) General distribution of births The French national institute for demographic studies (INED) gathered nation-wide data on the distribution of births over many years 7 , which clearly refutes the uniform distribution hypothesis. As shown on the graph on the right, despites a trend to reduce the discrepancies, the distribution is far from uniform8 Since we based our experiments on the dates of a genealogical tree going back to before the French revolution of 1789, we expect our sample data to reflect this situation in a noticeable way. In order to validate this hypothesis, we wrote a quick script to draw the actual distribution of our experimental data: 2) Distribution of experimental data

))))))))))))))))))))))))))))))))))))))))))))))))))))))))

RÉGNIER-LOILIER, Arnaud & ROHRBASSER, Jean-Marc. “Population et société : Y a-t-il une saison pour faire des enfants ?”. INED, January 2011. Source: http://www.ined.fr/fichier/t_telechargement/51706/telechargement_fichier_fr_pu bli_pdf1_pop_soc474.pdf (Last visited: December 8th, 2012). 8 Also, our sample data consists of dates from past centuries up to now.

7

Uniform data should produce a straight line Q-Q plot (right).

Clearly, birth dates is not the most uniformly distributed kind of data. Although less impacted by the human will, and less dispersed, the death dates probabilities from our sample aren’t really uniform either, as shown below.

I. Lessons learned

This experimental result brings out the question of how, and how much the non- homogeneous distribution of outcomes does affect the results? Qualitatively, this can be easily understood with the sets theory: Applying a non homogeneous probabilistic distribution to the target set of an injection actually results in reducing the effective cardinality of this set, thus raising the chance of collision since the source set’s cardinality doesn’t change. This clearly proves that any non-homogeneous distribution will result in a higher chance to find collisions in the outcomes set, which corroborates our experimental results. Incidentally, it means that the uniform distribution is the most difficult situation to find collisions in this scenario. Quantitatively, however, the general case would be a more complicated matter, although one could probably simplify the problem by identifying a well known distribution based model applicable to the data, or by limiting the deviation from an uniform distribution to a small value.9 ))))))))))))))))))))))))))))))))))))))))))))))))))))))))

See NUNNIKHOVEN, Thomas. “A birthday problem solution for non uniform birth frequency”. The American Statistician, Vol. 46, No. 4, November 1992. Also available:

9

VI. Conclusion

As we have seen throughout this work, the probability that in a set of n random people, two of them will share the same birthday (otherwise known as the Birthday Paradox), is a problem pertaining to probability theory with many unexpected applications. In the field of cryptography, namely Hash functions, we have seen how it is computationally possible to find two messages with the same hash value H(x) = H(y), even when a “strongly collision-free hash function” is being used. This represents a very important risk, given that the main purpose of cryptographic hash functions is to ensure the authenticity of messages. A contemporary solution to this problem has been to increase the size of the hash value of hash functions, the latter needs to be large enough to make the possibility of a birthday attack very unlikely. We have also discussed how the chance of a collision varies depending on whether we’re dealing with homogeneous or non-homogeneous probability distributions. In this sense, we observe that the collision hazard is superior when the target distribution is not random than in the case of pure randomness. With regards to other applications of the Birthday Paradox, we have also studied Pseudo-Random Number Generators (PRNG) as well as applications in communications networks. PRNG make the task of generating data in computer-based applications more efficient by omitting some of the many requirements of a true random number generator. This is particularly useful for applications that require a high amount of random data. PRNG provide a reasonably random set of numbers, while preserving a good rate of (pseudo-) randomness availability. In communication networks, the birthday paradox is applied advantage of the predictable risk of collision to achieve certain goals, as we have seen above. With regards to the reality check test, we have proven that non-homogeneous probability distribution results in a greater chance of collision. Consequently, a uniform distribution is most difficult scenario to find collisions. )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.bioforensics.com/conference06/Related_DB/Bday_problem.pdf (Last visited: December 8th, 2012).

VII. Annex

Exercise 1.6.3

)

VIII. Bibliography

“Birthday distribution”, David Gleich’s Notebook. Stanford University, 2010. Source: http://www.stanford.edu/~dgleich/notebook/2009/04/birthday_distributio n.html (Last visited: December 8th, 2012); “Cryptographic Hashes”, CS461/ECE422. Source: https://wiki.engr.illinois.edu/download/attachments/183272958/cryptohash.pptx?version=1&modificationDate=1315004111000 (Last visited: December 8th, 2012). “Definitions of Managed Objects for Asymmetric Digital Subscriber Line 2 (ADSL2)”. The Internet Society (2006). Source: http://www.ietf.org/rfc/rfc4429.txt (Last visited: December 8th, 2012). “Leap Day”. Eric Weinstein’s World of Astronomy. http://scienceworld.wolfram.com/astronomy/LeapDay.html (Last December 8th, 2012); Source: visited:

“The Pigeonhole Principle”, The Hong Kong University of Science and Technology, Department of Mathematics. Source: http://www.math.ust.hk/~mabfchen/Math391I/Pigeonhole.pdf (Last visited: December 8th, 2012) HALEVI, Shai. “Cryptographic Hash Functions and their many applications”, IBM Research. USENIX Security – August 2009. Source: http://static.usenix.org/events/sec09/tech/slides/halevi.pdf (Last visited: December 8th, 2012). MURPHY, Roy. “An Analysis of the Distributions of Birthdays in a Calendar Year”. Source: http://www.panix.com/~murphy/bday.html (Last visited: December 8th, 2012). NUNNIKHOVEN, Thomas. “A birthday problem solution for non uniform birth frequency”. The American Statistician, Vol. 46, No. 4, November 1992. Also available: http://www.bioforensics.com/conference06/Related_DB/Bday_problem.pdf (Last visited: December 8th, 2012).

RAMAKRISHNA, Siva and BHAVANI, Ganga. “An Efficient Continuous Neighbour Discovery in Asynchronous Sensor Networks”. International Journal of Computer Application, Issue 2, Volume 1, February 2012. Available: http://rspublication.com/ijca/feb-12/21.pdf (Last visited: December 8th, 2012). RÉGNIER-LOILIER, Arnaud & ROHRBASSER, Jean-Marc. “Population et société : Y a-t-il une saison pour faire des enfants ?”. INED, January 2011. Source: http://www.ined.fr/fichier/t_telechargement/51706/telechargement_fichier _fr_publi_pdf1_pop_soc474.pdf (Last visited: December 8th, 2012). STAMM, Stephanie. “Hash Functions and the Birthday Attack”. United States Naval Academy. Midshipman 1/C. April 23, 2010. Source: http://www.dean.usma.edu/departments/math/courses/ma498/SASMC/slid es/Stamm%20USNA.pdf (Last visited: December 8th, 2012). STERLING GRAH, Joseph. “Hash functions in cryptography”. Master thesis, The University of Bergen, 2008. Source: https://bora.uib.no/bitstream/handle/1956/3206/47401627.pdf?sequence=1 (Last visited: December 8th, 2012). SZMIT et al. “Domain Name Servers’ Pseudo-Random Number Generators and DNS Cache Poisoning Attack”. Source: http://maciej.szmit.info/documents/szmit_tomaszewski_szmit_DNS_ebook. pdf (Last visited: December 8th, 2012). The Rice University Monarch Project. Source: http://monarch.cs.rice.edu/~santa/research/powermode/powermode.pdf (Last visited: December 8th, 2012). ZIMMERMAN, Neetzan. “Infographic Illustrates Most Common Birthdays, Baby-Making Days”. Gawker, 2012. Source: http://gawker.com/5910778/infographic-illustrates-most-commonbirthdays-baby+making-days (Last visited: December 8th, 2012).

)