how do random number generators work?

630 views
0

how do random number generators work?

In: Technology

They don’t really generate random numbers, but rather take one number (say, the local date down to the current second), then run that through a variety of mathematical operations (square it, half it, multiply it with the currently used amount of RAM or whatnot), and then trim it down to the desired length.

Again, it’s not genuinely random as this strictly falls out of a computer’s ability, but after pulling the starting number through so many different operations, the outcome might as well be.

There are 2 types:
RNG (Random number generators)
pRNG (psueduo-random number generators, which try as best as possible to generate numbers which have similar properties as random ).

An example of an RNG is a real life dice. Other examples are coins, wheels, etc.

Can you REALLY make something truly random in a computer? Many will say no, but you can get close. There have been some examples listed in other posts here. Others examples are: the stock market price, radio-magnetic readings, etc.

Most random behaviour in computer programming is using pRNG

Let me give you an example of a really simple pRNG. Let’s say you want a random number between 1 and 10.

As suggested in other posts, what’s important to random numbers is a “Seed”. Think of a seed as the angle you are rolling your dice at. If you throw the dice the exact same way, it should give you exactly the same result. It’s the same as a seed, the same seed will give you the same result. A seed is what gets you started.

My method will be:
– write the current time as a number (including the seconds)
– add all the digits together
– if that number is greater that 10, add all those digits together
– repeat until there is a single digit.
– add one to the result.

So let’s take a seed of the time. The time at the moment is
12:58:44 so ill just say my seed is 125844.

Then ill add all the numbers together (1+2+5+8+4+4) = 24

The number is greater than 10 so ill add the digits together. (2+4) = 6

6 + 1 = 7

my result is 7

So, this is a legitimate pRNG, it generates numbers between 1-10. It may not be a very GOOD one, but it gives you an example of one. Now, real world pRNGs use much more complicated math, generally involving large prime numbers, modular arithetic and bit shifting (I wont go into those, but if you have grasped the general concept, you might be interested to google those)

As others have said, ‘truly random’ numbers cannot be computed. The computer instead measures something chaotic in its environment, such as electrical noise, atmospheric fluctuations, radiation detection from a Geiger counter, etc.

*Pseudo-random* numbers can be generated by algorithm however. There are many possible algorithms offering different properties: the amount of numbers generated before repeating for example; speed of algorithm, etc.

An example of one simple algorithm is the ‘linear congruential generator’, which basically brings out the natural randomness in the divisibility properties of integers.

A random number generator is a computer application that produces a seemingly random number. The specific traits of this number are that it can be equally likely to be any number in the range, and that it cannot be predicted.

The easiest way to accomplish this is to do some math that cycles a very large number, and then only ever returns a small portion from the end of it. Since you never see the whole number, you can’t really infer the whole thing.

Now the tricky part is handling the start of the sequence. You can’t just start with something static like 0, because you would cycle through the same thing each time.

You can use things like the time as a seed number to start from, but depending on the accuracy of the time, you could get two sequences starting that are the exact same. You could also, as an attacker, figure out the time and predict random numbers, leading to encryption vulnerabilities.

From a more complex standpoint, you can measure physical things to get an RNG. For instance, access times to a platter hard drive, movement of a mouse, or time between keyboard presses. However, servers don’t have access to a lot of these, so you can go one step further.

For things that don’t need to be cryptographically secure (like, say, RNG in a game), they can measure player-based events from the server like latency times. For cryptographically secure systems, you can create a system designed to give RNG Seeds. There is a very well known one by CloudFlare using Lava Lamps. They just have cameras pointed at a wall of lava lamps, and use the video feed to seed random numbers. Since lava lamps are a chaotic system, you can’t really predict what the image the cameras will be processing is. There’s a great video about this one [here](https://www.youtube.com/watch?v=1cUUfMeOijg).

The random number generators in computer programs work by generating a sequence of numbers that’s statistically random, this means that all numbers appear with the same frequency.

An example of a statisticllay random sequence *could* be the digits of pi. We can’t proove mathematically that the sequence of pi digits is statistically random, but for practical purposes it might just be because as far as we know all digits appear with pretty much the same frequency. Thus a pseudo-random number generator could be simply a program that returns the digits of pi.

Of course there’s a flaw here, the decimals of pi can be calculated so the output of such generator is totally predictable even if it’s statistically random, that’s what pseudo-randomness means.

All programs generating random numbers work in a very similar way, they take an input, they calculate something using that input and return a statistically random output, yet any output can be reproduced if you know the original input, therefore it’s predictable. In order to make up for this they tend to use hard to guess inputs like the number of milliseconds ellapsed since the computer was turned on or data from some sensors in the computer.