**Why is AHS-RNG cryptographically secure?**

Cryptographically secure random number generators, whether deterministic or non-deterministic, must first and foremost ensure that anyone who somehow learns a subset of the random numbers generated cannot guess or calculate any previous or subsequent random numbers. Pseudorandom number generators that have this property (BlumBlumShub, for example) are also known as CSPRNGs.

The AHS-RNG, both in the deterministic variant and in the non-deterministic variant, fulfils this requirement perfectly. As each individual bit is the result of a complex calculation of a bit address of the bit-fishing-table and is selected from a set of 32768 identical bits (each 0 or 1), it is impossible to trace the origin of the individual bit. The bit-fishing-table is in reality a static internal "state" which has a specific value from over 10exp19725 possible values. A second important static secret is the FAAP. In addition, there is the static value of the multiplier (once or twice 64 bits, a prime number) and the static (in the deterministic variant) or dynamic value (in the non-deterministic variant) of the increment of the LCG, any odd value. The starting value of the LCG with once or twice 64 bit must also be known, as the first values from the LCG influence the calculation over the entire further course. These form half of the basic modifiers, while the other half is determined using the BFT. This means an additional 256 bits of internal static code, which can no longer be calculated subsequently, as this information is one of the bases for indirectly creating the address of the bit to be selected. Before this address is completely finished, it is compiled from four different basic randomness values with the help of FAAP. We recommend the AHS-RNG demo for demonstration purposes.

If, contrary to all expectations, someone comes up with an initial promising plan for a possible attack, we are happy to make our HPC of 30 TFLOPS temporarily available if necessary. For the time being, however, we are convinced that all the secrets used must be known, i.e. the BFT, the FAAP and the parameters of the LCG as well as their seed, in order to make an attack possible.