How Random Are Random Number Generators?

something something - Jul 11 - - Dev Community

Hey Good People
Today lets explore the randomness of random number generator in our computers

What is Random Number

So Let's start with a predicting a number and you try to answer it by yourself before reading further

Guess a number from 1-10

If you have guessed 7 your like 45% other who would have done that
So does picking 7 make it random ??

Well a number can't be random , I mean if you say a number and ask me is it random it's not a valid question actually
Randomnees is measured based on a sequence of number

like if i again ask you to pick a number from 1-10 and you pick 7 would be random , I don't know
But if I asked 100 times and you replied 100 times with 7 then i can safely say its not random

So I guess we are clear on what is random numbers its basically a sequence of numbers where I can't tell what would be next

Our very own Random number generator

So in coding we sometimes need random number. Whats it's application ?
I guess pretty easy application is in Game development like you want to spawn enemies. You just can't spawn them at the same place then the player would get bored . So you need random coordinates for that
Also for lottery ticket allocation or password generator are pretty decent use cases

Most amazing use cases are in cryptography. I mean when you send messages its need to be encrypted there in encryption random number generator will be needed

Now we know where random number are needed.But how to generate them

Each programming language have their own native function and wrapper to generate random number for simplicity we will use only C but in other language basic thinking are the same

How random is our random number generator

Most random number generators on computers are actually pseudo-random number generators (PRNGs) Detail explanation in next section. This means they use a mathematical formula to generate a sequence of numbers that appears random, but it's not truly random in the strictest sense.

Here's the difference:

True random number generators (TRNGs): These rely on unpredictable physical events like atmospheric noise or radioactive decay to produce randomness. They are more secure and less predictable, but can be slower and more expensive to implement.
Pseudo-random number generators (PRNGs): These are deterministic, meaning they use a formula and an internal state to generate numbers. While the numbers seem random, they can be reproduced if you know the starting state (seed) of the PRNG. These are faster and easier to implement, but not suitable for cryptography or other security-critical applications.
PRNGs are fine for many common uses like games or simulations. However, for things like cryptography where true randomness is essential, TRNGs are the better choice.

What is Pseudo Random Number then ?

This example uses the Linear Congruential Generator (LCG) method, a common type of PRNG.

Formula:

X_n = (a * X_(n-1) + b) mod m

Where:

X_n: The nth random number in the sequence (0 ≤ X_n < m)
a: Multiplier (positive integer, less than m)
b: Increment (non-negative integer, less than m)
m: Modulus (positive integer)
mod: Modulo operation (remainder after division)
Let's see it in action with small values:

Seed (X_0): 1
Multiplier (a): 2
Increment (b): 1
Modulus (m): 4 (This will limit our random numbers to 0, 1, 2, 3)
Sequence:

X_1 = (2 * X_0 + b) mod m = (2 * 1 + 1) mod 4 = 3
X_2 = (2 * X_1 + b) mod m = (2 * 3 + 1) mod 4 = 7 (since 7 mod 4 = 3)
X_3 = (2 * X_2 + b) mod m = (2 * 3 + 1) mod 4 = 7 (again, repeats because 7 mod 4 = 3)
Explanation:

We see the sequence repeats after just 2 steps (X_2 and X_3 are the same).
This is because for this specific choice of parameters (a, b, and m), the generator only produces 2 unique values (0 and 3) before repeating.
Note:

This is a very basic example. Real-world PRNGs use much larger values for a, b, and m, leading to much longer cycles and more unpredictable sequences.

So Our Code's Random number generator works like this and acutally are not random at all.

You can try Predict Random Number of JS native random number Generator to guess JS native random number generator its that easy

Then why do we use pseudo random number generator ?

Now if you choose the parameters correctly it will take hours if not days for any computer to predict your next number so in practice its useful as they are serving the purpose. I mean who would try to guess where the next enemy in the game will appear for hours rather than playing the game.

How to create true random number then (like for cryptography at least)?

Upon searching I was about to conclude that Its not possible by software but keep reading for the conclusion

Now true random number can be generated by physical things and can be simulated using code. Like how many electron is emitted from a radioactive element will create randomness. Also the noise of wind is also random

But how can we use it in our PC's?
Well latest x86 processor allows you to create True Random number
rdrand int _rdrand16_step (unsigned short* val)
So does cryptrographers uses this kind of method ?
NO
First of all There are services that will give you true random number using physical things like API for Random Number Generator
This api gives you true random number from noise in your side. Pretty cool ha.For simplicity you can assume crypthographical random number also depends on such kind of hardware system, you can also read the reference for more info on it

Why can't we use C lang true random number ?

Lets create a pseudo random number in C/C++

#include <cstdlib> 
#include <iostream> 
#include <time.h> 
using namespace std; 

int main() 
{ 
    // This program will create different sequence of 
    // random numbers on every program run 

    // Use current time as seed for random generator 
    srand(time(0)); 

    for (int i = 0; i < 4; i++) 
        cout << rand() << " "; 

    return 0; 
}
Enter fullscreen mode Exit fullscreen mode

Now its pseudo as we have learned rand() does will repeat it self in finite time.

What if we use rdseed we can get true random number but the problem is that intel itself demotivate to use it as its distribution is not optimized.
What does it mean well if you again I asked 1000 people to pick a number from 1-100 and plot the results the result may look like below

Image description

So its random but you can see its a gaussian distribution so its not predictable but you can guess the number probability of being in that range make it less random

Intel's built in x86 kind of suggests that there prediction may fall into gaussian distribution.Godbolt this website gives you clear idea of how a compiler works on it run the previous code in it and see the magic

Where the normal random number generator have kind of normal distribution (each have equal probability of appearing) so in that case we can safely use pseudo random number generator for normal purposes

Conclusion

In conclusion, while computers cannot generate truly random numbers due to their deterministic nature, pseudo-random number generators (PRNGs) are a powerful tool for many applications. By carefully choosing parameters, PRNGs can produce long and unpredictable sequences of numbers that are sufficient for most purposes, like game development and simulations.

However, for cryptography and other security-critical applications where true randomness is essential, alternative methods are needed. These can include using hardware-based random number generators (TRNGs) or utilizing online services that gather randomness from physical phenomena.

Remember, understanding the limitations of PRNGs is crucial for using them effectively. They are a valuable tool, but for true randomness, we need to look beyond the realm of software and into the physical world.

Ref :

A classical Movie Explanation of random Number

How Actually Random Number is Generated
Generating True Random Number using C
Predict Random Number of JS native random number Generator
Rseed & Rrand

Intel's x86 True Random number generator
Security Issues for Using that
RNG for cryptography

Image
Thiết kế Website Tại Hậu Giang Chuẩn SEO

website, digitalmarketing, seo, terus
Image
The Vital Importance of System Integration Testing (SIT)

system, integration, testing
Image
How Exam Dumps Can Save You Time and Effort

javascript
Image
How to Use AI Code Generation to Enhance Developer Productivity

ai, codegeneration, developer
Image
Building Docker Images

beginners, docker, devops, tutorial
Image
Mastering P2P Crypto Exchange Development
Image
The Evolution and Readiness of Web3 Infra: Where Are We Now?

web3
Image
The DevTool Content Marketing Dashboard: Metrics That Actually Matter
Image
Why do AI articles trend on Dev.to?

discuss, ai, devto, meta
Image
Step-by-Step Guide to Creating RESTful APIs with Node.js and PostgreSQL

webdev, javascript, postgres, node
Image
Setting Up a Python Virtual Environment (venv)

bash, pip, python, tutorial
Image
Cisco Distributor in Dubai: Empowering Businesses with Cutting-Edge Technology
Image
Top 4 Life and Work Principles from Jensen Huang

productivity, softwaredevelopment
Image
Automating Instance Management Using AWS Lambda and EventBridge
Image
Massage on Dubai: A Luxurious Wellness Experience

22ayur, webdev
Image
How to Decommission Exchange 2019?
Image
Detailed Explanation of Digital Currency Pair Trading Strategy

trading, fmzquant, strategy, cryptocurrency
Image
What Kind of AI Technologies Are Travel Companies Using?

aitechnologies, travelcompaniesusingai, travelcompanies, aiintravel
Image
Explaining ‘this’ keyword in JavaScript

javascript, webdev, frontend, programming
.