Random number generator is a term we hear a lot these days, especially if you are into online gambling. But random number generators or RNGs have all sorts of applications, not just in gambling. They are used in everything from video games to cryptography. Computer simulations, random design, and statistical sampling all depend on random numbers. Even music apps use a sort of pseudo-random number generator when you press shuffle. Of course, it isn’t truly random, since it has limitations in terms of how many times a song can be played consecutively. In a true random generation, there would be no such thing and a song could be played two or three times in succession. So how does a random number generator work?

What Is A Random Number Generator

Simply put, a random number generator is a process that generates a sequence of random symbols, like numbers or letters. There are several ways in which this can be achieved, from the computational method, physical method, using a probability distribution, or even by using humans. Needless to say, the last method isn’t very reliable and is not used often. The computational method uses software to generate a sequence of numbers. On the other hand, a physical method is more varied and can mean using a simple set of dice to achieve randomness to utilizing radioactive decay to achieve a similar result. Even flipping a coin is considered random number generation.

Are Random Number Generators truly random?

Not all random number generators are truly random. As it turns out, achieving true randomness is incredibly hard and almost impossible without using some natural process. RNGs that are created by humans can be cracked and predicted since it is only a matter of discovering the rules that create the sequence. On the other hand, predicting waves during a storm on the open sea is pretty much impossible, regardless of how much processing power you have at your disposal. This creates various difficulties in making a truly random number generator since it increases the price considerably. That is why we have two types of random number generators, pseudo-random number generators and a hardware random number generator (HRNG), also known as true random number generators (TRNG).

Pseudo-Random Number Generators

Pseudo-random number generators are usually pieces of software designed to create sequences that are so complicated that they appear random. However, as they are produced by an algorithm, the resulting sequences aren’t truly random. The software that creates them functions within a given set of parameters that can be discovered and exploited. Given enough data, specialized software can discover the algorithm behind the process and use it against you. The trick is to make it so difficult to crack it that it simply isn’t worth the effort. They are used for mass application, including gambling, where true randomness isn’t that important. For instance, if you are playing a video game, it doesn’t matter whether an event was triggered by a truly random sequence or a pseudo-random one. However, critical applications, like cryptography, require something much better.

True Random Number Generators

The limitations of pseudo-random number generators make them ill-suited for sensitive work, like cryptography. With enough time and computer power, any pseudo RNG can be cracked. To prevent national secrets from falling into the hands of their enemies, security agencies use what is called true random number generators, or hardware random number generators (HRNG). HRNGs use a random trait of some physical object to create seed tokens, which are then used to create random sequences. By using an unpredictable event from the physical world, the resulting sequence is completely random and can’t be predicted or exploited. One of the more popular methods is using radioactive decay. Since quantum theory states that we have no way of predicting when the decay will happen, it is a truly random event. By using it as a seed, a computer can create a completely unpredictable sequence, making it virtually impossible to crack.

Entropy

For everyday uses, many HRNGs use entropy as seed. Your computer may note when you clicked your mouse and use the time stamp to create a seed, which will be truly random, for all intents and purposes. Not even you can predict that time, so an attacker doesn’t stand a chance either. Linux uses this method for its advanced crypto protection.

Concerns

Random number generators are becoming increasingly important in the modern world as a method to shield us from unwanted attacks. However, they can also be used for other, more sinister purposes. The best example is Intel’s RdRand, a random number generator built-in Intel chips. For security reasons, only a handful of engineers and scientists at Intel know what is inside RDRand and its full specs were never published. A few years back, accusations started floating that Intel has allowed the NSA to create a backdoor inside RdRand. In essence, this allowed the NSA to break any encryption users made with RdRand since it had access to seed tokens. The accusations were never proved, but some big players, like FreeBSD developers removed support for RdRand since then.