Random number generators play an essential function on the internet, used by banks, businesses, cryptography, online gaming, and notably by casino game studios.
It’s extremely difficult to get a computer to generate a random number. Computers are fed by instructions, follow these (the code) blindly, and are actually highly predictable.
Trying to get a computer to do something it isn’t programmed to do is enormously complex but hugely important to the security of the internet and the applications you use every day. Confidence in the internet comes from being able to trust random number generation solutions.
There are two types of random number generators commonly used, one that produces genuine random numbers and the second, called pseudorandom numbers. Here you will learn more about each.
Entropy
When you log in to your online banking, for example, the randomness of the code generated is vital to prevent hackers from guessing it. Cryptography requires numbers and codes that can’t be guessed. This randomness is essential to the security of the internet.
To generate a ‘real’ random number, a computer measures a phenomenon that takes space outside the computer and the network. It searches for unpredictable data, the practice of entropy. This is based on a physical source.
One example is key presses on your computer. The device can compile data about exactly when you press a key on your computer and use this data as a source of entropy to generate random numbers. No one could ever guess these numbers, even if they knew the source of where the number generation was coming from.
The Linux kernel is a well-known standard for random number generation. It generates entropy from keyboard timings, mouse movements, and IDE timings and then makes the random character data available to other operating system processes through special files.
Another way a computer creates random numbers is by studying noises in the atmosphere. Entropy is the gold standard of random number generation and the one increasingly used by everyone.
The result – true random number generation (TRNG).
Pseudorandom Numbers
This is an algorithm to generate numbers that appear random, even though they are not. They are ‘pseudorandom’.
The user sets the distribution or scope from which the random number is selected (e.g. lowest to highest), and the number is instantly presented.
Take, for example, a list of 100 numbers. The computer would mix those numbers up and then feed them out one by one as required. The numbers appear random but are predestined as the computer makes its way down the list.
These are used as an alternative to true random numbers, and, in practice, for many things, it doesn’t matter if the number generated is genuinely random or a pseudorandom number.
Playing video games, it’s not particularly important and isn’t going to take away your enjoyment of the game if pseudorandom generators are used to determine what happens next.
On the other hand, you don’t want sensitive information like online banking to rely on an algorithm that a super-smart computer program could eventually decipher.
Final thoughts
Want to get your mind even more frazzled? One can prove the lack of randomness by observing numbers that one can predict. But it’s impossible to prove randomness itself conclusively.
While using the best mathematics and entropy can make us pretty confident in the top RNGs used today, there is no way to prove for sure we are seeing a completely random number.
Researchers have referred to this as the black hole dilemma. You cannot locate a black hole by looking at the light it emits because the very definition of a black hole is that it emits no light.
So, while we trust in and use TRNG every day and are confident enough to refer to these as real randomness, no one can prove beyond doubt that they are random results.