@chrisbhoffman

Updated November 4, 2019, 8:49pm EDT

Computers generate random number for everything from cryptography to video games and gambling. There are two categories of random numbers — “true” random numbers and pseudorandom numbers — and the difference is important for the security of encryption systems.

Computers can generate truly random numbers by observing some outside data, like mouse movements or fan noise, which is not predictable, and creating data from it. This is known as entropy. Other times, they generate “pseudorandom” numbers by using an algorithm so the results appear random, even though they aren’t.

This topic has become more controversial recently, with many people questioning whether Intel’s built-in hardware random number generator chip is trustworthy. To understand why it might not be trustworthy, you’ll have to understand how random numbers are generated in the first place, and what they’re used for.

## What Random Numbers Are Used For

Random numbers have been used for many thousands of years. Whether it’s flipping a coin or rolling a dice, the goal is to leave the end result up to random chance. Random number generators in a computer are similar — they’re an attempt to achieve an unpredictable, random result.

Random number generators are useful for many different purposes. Aside from obvious applications like generating random numbers for the purposes of gambling or creating unpredictable results in a computer game, randomness is important for cryptography.

Cryptography requires numbers that attackers can’t guess. We can’t just use the same numbers over and over. We want to generate these numbers in a very unpredictable way so attackers can’t guess them. These random numbers are essential for secure encryption, whether you’re encrypting your own files or just using an HTTPS website on the Internet.

## True Random Numbers

You may be wondering how a computer can actually generate a random number. Where does this “randomness” come from. If it’s just a piece of computer code, isn’t it possible the numbers the computer generates could be predictable?

We generally group the random numbers computers generate into two types, depending on how they’re generated: “True” random numbers and pseudo-random numbers.

To generate a “true” random number, the computer measures some type of physical phenomenon that takes place outside of the computer. For example, the computer could measure the radioactive decay of an atom. According to quantum theory, there’s no way to know for sure when radioactive decay will occur, so this is essentially “pure randomness” from the universe. An attacker wouldn’t be able to predict when radioactive decay would occur, so they wouldn’t know the random value.

For a more day-to-day example, the computer could rely on atmospheric noise or simply use the exact time you press keys on your keyboard as a source of unpredictable data, or entropy. For example, your computer might notice that you pressed a key at exactly 0.23423523 seconds after 2 p.m.. Grab enough of the specific times associated with these key presses and you’ll have a source of entropy you can use to generate a “true” random number. You’re not a predictable machine, so an attacker can’t guess the precise moment when you press these keys. The /dev/random device on Linux, which generates random numbers, “blocks” and doesn’t return a result until it gathers enough entropy to return a truly random number.

## Pseudorandom Numbers

Pseudorandom numbers are an alternative to “true” random numbers. A computer could use a seed value and an algorithm to generate numbers that appear to be random, but that are in fact predictable. The computer doesn’t gather any random data from the environment.

This isn’t necessarily a bad thing in every situation. For example, if you’re playing a video game, it doesn’t really matter whether the events that occur in that game are caused by “true” random numbers or pseudorandom numbers. On the other hand, if you’re using encryption, you don’t want to use pseudorandom numbers that an attacker could guess.

For example, let’s say an attacker knows the algorithm and seed value a pseudorandom number generator uses. And let’s say an encryption algorithm gets a pseudorandom number from this algorithm and uses it to generate an encryption key without adding any additional randomness. If an attacker knows enough, they could work backwards and determine the pseudorandom number the encryption algorithm must have chosen in that case, breaking the encryption.

## The NSA and Intel’s Hardware Random Number Generator

To make things easier for developers and help generate secure random numbers, Intel chips include a hardware-based random number generator known as RdRand. This chip uses an entropy source on the processor and provides random numbers to software when the software requests them.

The problem here is that the random number generator is essentially a black box and we don’t know what’s going on inside it. If RdRand contained an NSA backdoor, the government would be able to break encryption keys that were generated with only data supplied by that random number generator.

This is a serious concern. In December 2013, FreeBSD’s developers removed support for using RdRand directly as a source of randomness, saying they couldn’t trust it. [Source] The output of the RdRand device would be fed into another algorithm that adds additional entropy, ensuring that any backdoors in the random number generator wouldn’t matter. Linux already worked in this way, further randomizing the random data coming from RdRand so that it wouldn’t be predictable even if there was a backdoor. [Source] In a recent AMA (“Ask Me Anything”) on Reddit, Intel CEO Brian Krzanich did not answer questions about these concerns. [Source]

Of course, this likely isn’t just a problem with Intel chips. FreeBSD’s developers called out Via’s chips by name, too. This controversy shows why generating random numbers that are truly random and aren’t predictable is so important.

To generate “true” random numbers, random number generators gather “entropy,” or seemingly random data from the physical world around them. For random numbers that don’t *really* need to be random, they may just use an algorithm and a seed value.

#### Alexander Arobelidze

People have been using **random** **numbers** for millennia, so the concept isn’t new. From the lottery in ancient Babylon, to roulette tables in Monte Carlo, to dice games in Vegas, the goal is to leave the end result up to random chance.

But gambling aside, **randomness** has many uses in science, statistics, cryptography and more. Yet using dice, coins, or similar media as a random device has its limitations.

Because of the mechanical nature of these techniques, generating large quantities of random numbers requires great deal of time and work. Thanks to human ingenuity, we have more powerful tools and methods at our disposal.

## Methods for generating random numbers

### True Random Numbers

Let’s consider two principal methods used to generate random numbers. The **first method** is based on a physical process, and harvests the source of randomness from some physical phenomenon that is **expected** **to be random**.

Such a phenomenon takes place outside of the computer. It is measured and adjusted for possible biases due to the measurement process. Examples include radioactive decay, the photoelectric effect, cosmic background radiation, atmospheric noise (which we will use in this article), and more.

Thus, random numbers generated based on such randomness are said to be “**true**” random numbers.

Technically, the hardware part consists of a device that converts energy from one form to another (for example, radiation to an electrical signal), an amplifier, and an analog-to-digital converter to turn the output into a digital number.

## What are Pseudorandom Numbers?

As an alternative to “true” random numbers, the **second method** of generating random numbers involves computational algorithms that can produce apparently random results.

Why apparently random? Because the end results obtained are in fact completely determined by an initial value also known as the **seed** value or **key**. Therefore, if you knew the key value and how the algorithm works, you could reproduce these seemingly random results.

Random number generators of this type are frequently called **Pseudorandom number** generators and, as a result, output Pseudorandom Numbers.

Even though this type of generator typically doesn’t gather any data from sources of naturally occurring randomness, such gathering of keys can be made possible when needed.

Let’s compare some aspects of true random number generators or **TRNG**s and pseudorandom number generators or **PRNG**s.

PRNGs are faster than TRNGs. Because of their deterministic nature, they are useful when you need to replay a sequence of random events. This helps a great deal in code testing, for example.

On the other hand, TRNGs are not periodic and work better in security sensitive roles such as encryption.

A **period** is the number of iterations a PRNG goes through before it starts repeating itself. Thus, all other things being equal, a PRNG with a longer period would take more computer resources to predict and crack.

## Example Algorithm for Pseudo-Random Number Generator

A computer executes code that is based on a set of rules to be followed. For PRNGs in general, those rules revolve around the following:

**Accept**some initial input number, that is a seed or key.**Apply**that seed in a sequence of mathematical operations to generate the result. That result is the random number.**Use**that resulting random number as the seed for the next iteration.**Repeat**the process to emulate randomness.

Now let’s look at an example.

### The Linear Congruential Generator

This generator produces a series of pseudorandom numbers. Given an initial seed **X _{0}** and integer parameters

**a**as the multiplier,

**b**as the increment, and

**m**as the modulus, the generator is defined by the linear relation:

**X**. Or using more programming friendly syntax:

_{n}≡ (aX_{n-1}+ b)mod m**X**.

_{n}= (a * X_{n-1}+ b) % mEach of these members have to satisfy the following conditions:

**m > 0**(the modulus is positive),**0 Math.random()**function as the base and generate output in pseudorandom numbers like I have in earlier articles (see Multiplication Chart – Code Your Own Times Table).

But this article itself is about generating random numbers. So I decided to learn how to gather “true” randomness based data and share my discovery with you.

So below is the “true” Random Number Generator. Set the parameters and hit Generate.

The Mersenne-Twister is a pseudo random number generator (PRNG) used by the numpy library. This article explains all you need to know before using it.

As a data scientist, I need to generate random numbers for my algorithms. It puzzled me to know that deterministic processes in my computer could generate random sequences. I had a deeper look into it, and here is what I’ve learned:

Your computer does not generate truly random numbers but uses algorithm such as the Mersenne-Twister to get pseudo random sequences.

It is important to know when and how the seed of your pseudo random generator is set, otherwise you might have bad surprises, especially when developing multiprocess applications.

Standard random generators are highly predictable and should not be used for cryptographic or game gambling purposes.

## Generating random numbers with numpy

With numpy , the quickest way to obtain random numbers between 0 and 1 is to use the following:

Or (almost) equivalently:

In both ways, we are using what we call a pseudo random number generator or PRNG . Indeed, whenever we call a python function, such as np.random.rand() the output can only be deterministic and cannot be truly random. Hence, numpy has to come up with a trick to generate sequences of numbers that look like random and behave as if they came from a purely random source, and this is what PRNG are.

## Mersenne-Twister: the PRNG you may have used dozens of times without knowing it!

The most spread PRNG is the Mersenne Twister (MT) generator that was designed in 1997 by M. Matsumoto and T. Nishimura. It works schematically as the following:

Step 1 : We initialize our random generator with random_state= np.random.RandomState() and we generate an internal state of 624 integers.

Step 2 : Each time we call random_state.rand() we apply two operations: first, we perform a twist on the internal state to get a new internal state. Then we apply a tempering function on the newly obtained state that generates a float between 0 and 1 which is return by the random_state.rand() . These two operations are performed each time we ask for a new random number.

The twister and the temper functions are totally deterministic . Hence, the value of the first occurrence of random_state.rand() only depends on the initial internal state which therefore should be generated… randomly. In practice, RandomState() generates the initial internal state from a seed value which is taken from the internal clock of your computer. Otherwise, you can also specify the seed value by doing RandomState(seed = your_favorite_seed_value) which can be useful in order to have a deterministic code.

## What are these mysterious twister and tempering functions?

The twister and tempering functions are made of elementary bitwise and matrix operations. You can find their definitions in the original paper of the Mersenne Twister, or more simply in their C implementation in the numpy github repository:

rk_state is defined as C structure whose only relevant fields for our case are a list of 624 integers representing the state stored in rk_state.key and a position whose value is rk_state.pos . The twister function from line 14 to 29 is only applied once every 624 called when the state->pos reaches 624. In fact, the internal state stored in state->key contains enough information to generate 624 different random numbers. The tempering function consists of the bitwise operations lines 33 to 36.

## Why is the Mersenne Twister PRNG so popular?

The Mersenne Twister is used so much for two simple reasons:

It is fast to evaluate : few nanoseconds on a recent laptop according to time it.

It produces sequences of numbers that look pretty random . In order to evaluate the randomness of a sequence, we can perform different statistical tests such as the (have a look at it!) that are passed by the Mersenne Twister PGNR.

## The two caveats of the numpy.random module

MT PRNG should not be used as such for cryptography purposes! In fact, the temper function can be easily invertible. It means that for each output of the rk_random function we can infer one column of state->key and after 624 iterations of rk_random we know perfectly the state of the generator and can predict the remaining of the pseudo random sequence. In conclusion, do not use numpy.random in any cryptography or gambling game development, but look rather for specialized modules such as the secrets, or Crypto.Random.

Be careful when you use numpy.random in multiprocess application as it can lead to misleading behaviors as shown in the following:

You can see that the different calls to bad_practice in our multiprocess template always generate the same output. In fact, the RandomState is not re-initialized for each thread and all the threads share the same initial seed and initial internal state. While in the good multiprocess practice case, the random state is initialized for each thread differently.

## Let’s finish by a fun game!

In one of the square, I have randomly drawn in red 100 000 couples of points (x,y) with a uniform distribution in [0,1], while the other square contains 100 000 points coming from another stochastic process. Can you guess which one is the uniformly distributed one?

Actually, the uniformly random one is the left one! It is quite misleading as uniformly random processes might create more clusters and gaps than what we think. The image on the right was generated by first putting red dots on a regular grid and shifting each dots by random small steps (the output is therefore stochastic but it is not a uniform distribution). In fact, the human brain is quite bad for generating and/or detecting random processes, but that would be the topic of another post!

Even though computers are highly advanced these days, they actually cannot generate true random numbers on their own. Yes, they will be able to put up numbers in different orders, but that is not exactly “random.” In order for them to generate true random numbers, they would need to rely on outside sources. Now, what are these outside sources? Let us find out as we take a closer look at how computers are able to generate random numbers.

## Generating Random Numbers

Computers can generate random numbers using a process called random number generation (RNG). The RNG involves a generation of several sequences of numbers and symbols that cannot be predicted by humans and even by other computers. Random number generation is said to have been the successor to other applications of randomness, such as rolling the dice, flipping the coin, and picking a card on a newly-shuffled deck. However, the random number generation is much more sophisticated than those mentioned methods, as it is harder to predict, and it puts up more numbers or symbols in the results.

Devices rely on randomly generated numbers for various applications, but it is mainly useful for cryptography, which is a method of protecting information inside the devices using random codes. Without RNG, devices would have a hard time fighting against hackers, as they would have easier access to a device’s data since the numbers and symbols within its algorithm are predictable. Computers and smartphones would usually utilize cryptography almost every time for maximum protection, and the RNG provides these devices with enough security to fend off attackers.

## Two Types of RNG

To generate random numbers, computers rely on two types of random number generation, the first being true random number generation and the second being pseudo-random number generation.

The true random number generation relies on outside sources that are deemed “unpredictable,” such as the measurement of atmospheric noise around the device, the noise created by the computer and the environment’s temperature, and other “impossible to measure” factors. One of the most popular methods on how computers generate true random numbers is by measure the radioactive decay of an atom. According to scientists, measuring the exact radioactive decay of atoms is almost impossible, as the measurement changes from atom to atom. Because the said measurement has “true randomness,” computers rely on calculating it to create a random number that cannot be predicted and cannot be repeated.

To have a better idea of how true random number generation works, let us imagine that there is a deck of cards on a table. However, this deck of cards is peculiar because, for every draw of the player, that player will receive cards that he or she has never seen before, like eight of spades or zero of hearts, which are all cards that are not found on a normal deck. That’s how true number generation works, as it is always unpredictable and generates sequences that are often not yet seen.

The second type of RNG is the pseudo-random number generator, an alternative to true RNG if ever the computer fallback to re-seeded software whenever it exceeds its ability to generate a true random number, possibly due to limited outside sources. Instead of outside sources, the pseudo-random number generator relied on a completely determined and shorter initial value that is commonly known as a seed value. A seed value is the numbers found within the computer itself, so it will use those numbers to generate a random number. Because it relies on a seed value, pseudo-random numbers are not totally reliable when it comes to cryptography due to various reasons. One, the seed value can be seen or exploited by hackers, and once they have figured out the seed value in the computer, it would be easier for them to predict the numbers that will pop up in the RNG.

Let’s also use an example for us to have a better idea of how pseudo-random number generators work. Imagine that you have a deck of cards again on a table, but this time, the cards that you draw on the deck are the ones normally found there, like a king of hearts, ace of spades, and four of diamonds. Of course, if you already memorized all the cards found in a normal deck, you will have an idea on what card you will draw next, but there are only one out of 52 (total number of cards) chances that you will get the card that you wanted. For hackers, they may not find the cards that they are looking for immediately, but they will try to draw more sets of cards until they get the right combination of cards in their hands. For true RNG, they will have a harder time to draw the cards that they want, since the cards found in the deck are strange and unpredictable.

The pseudo-random number generator is usually only utilized by the computer if the true RNG fails to deliver random numbers, which happens rarely. Of course, there will be instances that true RNG will suffer an error, hence the reason why pseudo-random numbers are still being utilized until today. Both of these types of RNG are needed in order for computers to form better protection and security against cyber-attacks.

Anyone with any programming experience understands that computers are deterministic machines. If you provide the same input, you’ll always get the same output. That’s why having computers generate something by chance is trickier than it may seem.

Computers use random numbers for everything from cryptography to gambling, generative algorithms, video games, and more. However, computers are inherently incapable of being random. Instead, programmers rely on pseudorandom number generators (PRNGs). These are simply a category of algorithms that programmatically generate new random numbers from a given starting value called the seed.

These algorithms are not without their own limitations. Since the random numbers are programmatically generated, if someone were able to identify the seed value and the PRNG algorithm you were using, they’d be able to predict the next random number in the sequence. This would allow an attacker to break encryption, predict the next playing card in a sequence, cheat in a video game, etc.

Despite this concern, PRNGs are extremely useful in situations involving modeling and simulations as it allows you to “replay” a series of random events by initializing your random number generator with the same seed.

In situations where the randomness of the random numbers is critical, we use a “true” random number generator (TRNGs). Unlike PRNGs that have an arbitrary seed value, TRNGs pick a seed value from their environment / external data.

Here are a few potential options:

- Mouse movements
- Fan noise
- Atmospheric pressure
- Number of microseconds since the last whole second

We just need to pick a seed that an attacker wouldn’t be able to predict. This seed value will then be passed into an algorithm, similar to PRNGs, that will generate a random number to use.

The use case will generally dictate whether a PRNG will suffice or if a “true” RNG is needed. Regardless, it’s important to understand the practical differences between both approaches.

PRNGs are faster than TRNGs and their determinism is extremely useful in cases where you want to replay a series of “random” events. Additionally, some PRNGs are periodic in nature, but modern PRNGs with the right initialization parameters have a period long enough that it’s not a major concern. Conversely, TRNGs are slower than PRNGs, are non-deterministic, and are not periodic.

## Linear Congruential Generator

Let’s take a look at implementing a simple PRNG. We’ll implement a variant called the linear congruential generator (LCG) algorithm. LCG was previously one of the most commonly used and studied PRNGs (more info).

Here’s the recurrence relation for LCG:

The Wikipedia page on LCG documents a few commonly used values for modulus, multiplier, and increment. There’s no consensus on the best values to use hence the differing values across implementations.

We have to be mindful of what values we use for these parameters. Choosing the wrong values can create a period that is too short which would render our random number generator useless.

In the image below, you can see that small changes to our parameters can greatly impact the period length.

## Implementation

For our implementation, we’ll use the values documented in previous standards of the C languages (C90/C99/ANSI C, and C11).

Whatever PRNG algorithm you choose should result in a uniform distribution of random numbers and a sufficiently long period.

Here’s a simple implementation in Swift:

## Simulating Dice Rolls

Let’s say you wanted to simulate a dice roll.

It might seem reasonable to change the modulus to 6, but this would create a period far too short to be usable. We need to stick with well-chosen and tested values for our parameters.

Instead, using the approach in the code above, we can simulate 40,000 dice rolls:

Dice Value: 40,000 Roll Simulations

Looking at the results, we can see that it is indeed a uniform distribution of values.

## Generating Random Numbers In A Range

Next, let’s consider generating random numbers that fall in a range. Again, we shouldn’t change our parameters without fully understanding how it affects the period.

Instead, we should map our PRNG’s results to values in our desired range.

After a million simulations across the specified range [30, 80)

## Further Reading

If you’re interested in a more modern PRNG, I’d recommend exploring the Mersenne-Twister approach. It’s currently the most popular PRNG algorithm and currently used in Python (numpy), Ruby, PHP, R, and C++. This was meant to be a high-level introduction into this topic. If you’re interested in learning more about this topic, here a few other PRNGs to consider.

Hope you enjoyed this article! Feel free to check out my other articles below!

Use this generator to generate a trully random, cryptographically safe number. It generates random numbers that can be used where unbiased results are critical, such as when shuffling a deck of cards for a poker game or drawing numbers for a lottery, giveaway or sweepstake.

##### Related calculators

## How to pick a random number between two numbers?

You can use this random number generator to pick a truly random number between any two numbers. For example, to get a **random number between 1 and 10**, including 10, enter 1 in the first field and 10 in the second, then press “Get Random Number”. Our randomizer will pick a number from 1 through 10 at random. To generate a random number between 1 and 100, do the same, but with 100 in the second field of the picker. To **simulate a dice roll**, the range should be 1 to 6 for a standard six-sided dice.

To generate more than one unique random number, just select how many you need from the drop-down below. For example, selecting to draw 6 numbers out of the set of 1 to 49 possible would be equivalent to simulating a lottery draw for a game with these parameters.

## Where are random numbers useful?

You might be organizing a charity lottery, a giveaway, a sweepstakes, etc. and you need to draw a winner – this generator is for you! It is **completely unbiased and outside of your control**, so you can assure your crowd of the fairness of the draw, which might not be true if you are using standard methods like rolling a dice. If you need to choose several among the participants instead, just select the number of unique numbers you want generated by our random number picker and you are all set. However, it is usually best to draw the winners one after another, to keep the tension for longer (discarding repeat draws as you go).

A random number generator is also useful if you need to decide **who goes first** in some game or activity, such as board games, sport games and sports competitions. The same is true if you need to decide the **participation order** for multiple players / participants.

Nowadays, a number of government-run and private lotteries and lottery games are using software RNGs instead of more traditional drawing methods. RNGs are also used to determine the outcomes of all modern slot machines.

Finally, random numbers are also useful in statistics and simulations, where they might be generated from distributions different than the uniform, e.g. a normal distribution, a binomial distribution, a power distribution, pareto distribution. For such use-cases a more sophisticated software is required.

There is a philosophical question about **what exactly “random” is**, but its defining characteristic is surely **unpredictability**. We cannot talk about the unpredictability of a single number, since that number is just what it is, but we can talk about the unpredictability of a series of numbers (number sequence). If a sequence of numbers is random, then you should not be able to predict the next number in the sequence while knowing any part of the sequence so far. Examples for this are found in rolling a fair dice, spinning a well-balanced roulette wheel, drawing lottery balls from a sphere, and the classic **flip of a coin**. No matter how many dice rolls, coin flips, roulette spins or lottery draws you observe, you do not improve your chances of guessing the next number in the sequence. For those interested in physics the classic example of random movement is the Browning motion of gas or fluid particles.

Given the above and knowing that computers are fully deterministic, meaning that their output is completely determined by their input, one might say that we cannot generate a random number with a computer. However, one will only partially be true, since a dice roll or a coin flip is also deterministic, if you know the state of the system.

The randomness in our number generator comes from physical processes – our server gathers environmental noise from device drivers and other sources into an **entropy pool**, from which random numbers are created [1] .

### Sources of randomness

According to Alzhrani & Aljaedi [2] there are four sources of randomness that are used in the seeding of a generator of random numbers, two of which are used in our number picker:

- Entropy from the disk when the drivers call it – gathering seek time of block layer request events.
- Interrupt events from USB and other device drivers
- System values such as MAC addresses, serial numbers and Real Time Clock – used only to initialize the input pool, mostly on embedded systems.
- Entropy from input hardware – mouse and keyboard actions (not used)

This puts the RNG we use in this random number picker in compliance with the recommendations of RFC 4086 on randomness required for security [3] .

## True random versus pseudo random number generators

A **pseudo-random number generator (PRNG)** is a finite state machine with an initial value called the **seed** [4] . Upon each request, a transaction function computes the next internal state and an output function produces the actual number based on the state. A PRNG deterministically produces a periodic sequence of values that depends only on the initial seed given. An example would be a linear congruential generator like PM88. Thus, knowing even a short sequence of generated values it is possible to figure out the seed that was used and thus – know the next value.

A **cryptographic pseudo-random number generator (CPRNG)** is a PRNG in that it is predictable if the internal state is known. However, assuming the generator was seeded with sufficient entropy and the algorithms have the needed properties, such generators will not quickly reveal significant amounts of their internal state, meaning that you would need a huge amount of output before you can mount a successful attack on them.

A hardware RNG is based on unpredictable physical phenomenon, referred to as **“entropy source”**. Radioactive decay, or more precisely the points in time at which a radioactive source decays is a phenomenon as close to randomness as we know, while decaying particles are easy to detect. Another example is heat variation – some Intel CPUs have a detector for thermal noise in the silicon of the chip that outputs random numbers. Hardware RNGs are, however, often biased and, more importantly, limited in their capacity to generate sufficient entropy in practical spans of time, due to the low variability of the natural phenomenon sampled. Thus, another type of RNG is needed for practical applications: a **true random number generator** (TRNG). In it cascades of hardware RNG (entropy harvester) are used to periodically reseed a PRNG. When the entropy is sufficient, it behaves as a TRNG.

#### References

[1] Linux manual page on “urandom”

[2] Alzhrani K., Aljaedi A. (2015) “Windows and Linux Random Number Generation Process: A Comparative Analysis”, *International Journal of Computer Applications* 113:21

[3] Schiller J., Crocker S. (2005) “IETF RFC 4086 – Randomness Requirements for Security”

[4] Goichon F., Lauradoux C., Salagnac G., Vuillemin T. (2012) “A study of entropy transfers in the Linux Random Number Generator”, research report 8060

This may very well be the only question I ever ask on this stackexchange site. In programming there are many different ways to generate random numbers depending on different languages. What has been bothering me for a while now, however, is HOW can anything computer generated be random? I found this post however it wasn’t very well received and it said to broad or to many possible answers. However the way I see it there is only one possible answer, how it works! I mean to say that someone with a computer background should be able to answer this so it isn’t like I am asking for your opinion. As a final note I would like to apologize if I am in the wrong forum.

## 3 Answers 3

They can and can’t depending on the computer. Usually, it’s a pseudorandom algorithm. One of the earliest algorithms was basically just to perform a series of basic arithmetic (multiply, divide, add, subtract, modulo) on a number called a seed, and take the middle numbers, or something like that. The numbers appear random, but after a certain number of trials, the same cycle will repeat itself.

Which means that they can’t use a PRNG to encrypt your password. PRNGs usually use the system time as the seed, so if the attacker know the approximate time your password was encrypted (account creation time, password change time), they can just generate a small range of passwords using that time range, and try all the generated passwords instead of having to generate all possible combinations allowed.

If you’ve ever gone to www.random.org, you’ll probably see that they generate truly random numbers. That’s because they use devices to collect atmospheric noise, or some kind of noisy atmospheric data, and use that.

I’m not an expert on this, but I think some OSes might also collect data from user’s mouse movement and keyboard presses along with a PRNG to generate numbers secure enough to encrypt passwords with

Computers generate random number for everything from cryptography to video games and gambling. There are two categories of random numbers — “true” random numbers and pseudorandom numbers — and the difference is important for the security of encryption systems.

Computers can generate truly random numbers by observing some outside data, like mouse movements or fan noise, which is not predictable, and creating data from it. This is known as entropy. Other times, they generate “pseudorandom” numbers by using an algorithm so the results appear random, even though they aren’t.

This topic has become more controversial recently, with many people questioning whether Intel’s built-in hardware random number generator chip is trustworthy. To understand why it might not be trustworthy, you’ll have to understand how random numbers are genreated in the first place, and what they’re used for.

## What Random Numbers Are Used For

Random numbers have been used for many thousands of years. Whether it’s flipping a coin or rolling a dice, the goal is to leave the end result up to random chance. Random number generators in a computer are similar — they’re an attempt to achieve an unpredictable, random result.

Random number generators are useful for many different purposes. Aside from obvious applications like generating random numbers for the purposes of gambling or creating unpredictable results in a computer game, randomness is important for cryptography.

Cryptography requires numbers that attackers can’t guess. We can’t just use the same numbers over and over. We want to generate these numbers in a very unpredictable way so attackers can’t guess them. These random numbers are essential for secure encryption, whether you’re encrypting your own files or just using an HTTPS website on the Internet.

## True Random Numbers

You may be wondering how a computer can actually generate a random number. Where does this “randomness” come from. If it’s just a piece of computer code, isn’t it possible the numbers the computer generates could be predictable?

We generally group the random numbers computers generate into two types, depending on how they’re generated: “True” random numbers and pseudo-random numbers.

To generate a “true” random number, the computer measures some type of physical phenomenon that takes place outside of the computer. For example, the computer could measure the radioactive decay of an atom. According to quantum theory, there’s no way to know for sure when radioactive decay will occur, so this is essentially “pure randomness” from the universe. An attacker wouldn’t be able to predict when radioactive decay would occur, so they wouldn’t know the random value.

For a more day-to-day example, the computer could rely on atmospheric noise or simply use the exact time you press keys on your keyboard as a source of unpredictable data, or entropy. For example, your computer might notice that you pressed a key at exactly 0.23423523 seconds after 2 p.m.. Grab enough of the specific times associated with these key presses and you’ll have a source of entropy you can use to generate a “true” random number. You’re not a predictable machine, so an attacker can’t guess the precise moment when you press these keys. The /dev/random device on Linux, which generates random numbers, “blocks” and doesn’t return a result until it gathers enough entropy to return a truly random number.

## Pseudorandom Numbers

Pseudorandom numbers are an alternative to “true” random numbers. A computer could use a seed value and an algorithm to generate numbers that appear to be random, but that are in fact predictable. The computer doesn’t gather any random data from the environment.

This isn’t necessarily a bad thing in every situation. For example, if you’re playing a video game, it doesn’t really matter whether the events that occur in that game are cased by “true” random numbers or pseudorandom numbers. On the other hand, if you’re using encryption, you don’t want to use pseudorandom numbers that an attacker could guess.

For example, let’s say an attacker knows the algorithm and seed value a pseudorandom number generator uses. And let’s say an encryption algorithm gets a pseudorandom number from this algorithm and uses it to generate an encryption key without adding any additional randomness. If an attacker knows enough, they could work backwards and determine the pseudorandom number the encryption algorithm must have chosen in that case, breaking the encryption.

## The NSA and Intel’s Hardware Random Number Generator

To make things easier for developers and help generate secure random numbers, Intel chips include a hardware-based random number generator known as RdRand. This chip uses an entropy source on the processor and provides random numbers to software when the software requests them.

The problem here is that the random number generator is essentially a black box and we don’t know what’s going on inside it. If RdRand contained an NSA backdoor, the government would be able to break encryption keys that were generated with only data supplied by that random number generator.

This is a serious concern. In December 2013, FreeBSD’s developers removed support for using RdRand directly as a source of randomness, saying they couldn’t trust it. [Source] The output of the RdRand device would be fed into another algorithm that adds additional entropy, ensuring that any backdoors in the random number generator wouldn’t matter. Linux already worked in this way, further randomizing the random data coming from RdRand so that it wouldn’t be predictable even if there was a backdoor. [Source] In a recent AMA (“Ask Me Anything”) on Reddit, Intel CEO Brian Krzanich did not answer questions about these concerns. [Source]

Of course, this likely isn’t just a problem with Intel chips. FreeBSD’s developers called out Via’s chips by name, too. This controversy shows why generating random numbers that are truly random and aren’t predictable is so important.

To generate “true” random numbers, random number generators gather “entropy,” or seemingly random data from the physical world around them. For random numbers that don’t *really* need to be random, they may just use an algorithm and a seed value.

This version of the generator creates a random integer. It can deal with very large integers up to a few thousand digits.

## Comprehensive Version

This version of the generator can create one or many random integers or decimals. It can deal with very large numbers with up to 999 digits of precision.

A random number is a number chosen from a pool of limited or unlimited numbers that has no discernible pattern for prediction. The pool of numbers is almost always independent from each other. However, the pool of numbers may follow a specific distribution. For example, the height of the students in a school tends to follow a normal distribution around the median height. If the height of a student is picked at random, the picked number has higher chance to be closer to the median height than being classified as very tall or very short. The random number generators above assume that the numbers generated are independent of each other, and will be evenly spread across the whole range of possible values.

A random number generator, like the ones above, is a device that can generate one or many random numbers within a defined scope. Random number generators can be hardware based or pseudo-random number generators. Hardware based random-number generators can involve the use of a dice, a coin for flipping, or many other devices.

A pseudo-random number generator is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers. Computer based random number generators are almost always pseudo-random number generators. Yet, the numbers generated by pseudo-random number generators are not truly random. Likewise, our generators above are also pseudo-random number generators. The random numbers generated are sufficient for most applications yet they should not be used for cryptographic purposes. True random numbers are based on physical phenomenon such as atmospheric noise, thermal noise, and other quantum phenomena. Methods that generate true random numbers also involve compensating for potential biases caused by the measurement process.