Random number generation

Some of these have existed since ancient times, including well-known examples like the rolling of dice, coin flipping, the shuffling of playing cards, the use of yarrow stalks (for divination) in the I Ching, as well as countless other techniques.

Because of the mechanical nature of these techniques, generating large quantities of sufficiently random numbers (important in statistics) required much work and time.

While cryptography and certain numerical algorithms require a very high degree of apparent randomness, many other operations only need a modest amount of unpredictability.

Some simple examples might be presenting a user with a "random quote of the day", or determining which way a computer-controlled adversary might move in a computer game.

On some Unix-like systems, including most Linux distributions, the pseudo device file /dev/random will block until sufficient entropy is harvested from the environment.

[2] Due to this blocking behavior, large bulk reads from /dev/random, such as filling a hard disk drive with random bits, can often be slow on systems that use this type of entropy source.

Some systems take a hybrid approach, providing randomness harvested from natural sources when available, and falling back to periodically re-seeded software-based cryptographically secure pseudorandom number generators (CSPRNGs).

The fallback occurs when the desired read rate of randomness exceeds the ability of the natural harvesting approach to keep up with the demand.

This approach avoids the rate-limited blocking behavior of random number generators based on slower and purely environmental methods.

Carefully designed and implemented pseudorandom number generators can be certified for security-critical cryptographic purposes, as is the case with the yarrow algorithm and fortuna.

[dubious – discuss][3] The earliest methods for generating random numbers, such as dice, coin flipping and roulette wheels, are still used today, mainly in games and gambling as they tend to be too slow for most applications in statistics and cryptography.

However, physical phenomena and tools used to measure them generally feature asymmetries and systematic biases that make their outcomes not uniformly random.

The appearance of wideband photonic entropy sources, such as optical chaos and amplified spontaneous emission noise, greatly aid the development of the physical random number generator.

A prototype of a high-speed, real-time physical random bit generator based on a chaotic laser was built in 2013.

HotBits measured radioactive decay with Geiger–Muller tubes,[9] while Random.org uses variations in the amplitude of atmospheric noise recorded with a normal radio.

[14] Most computer programming languages include functions or library routines that provide random number generators.

The quality i.e. randomness of such library functions varies widely from completely predictable output, to cryptographically secure.

[15] Much higher quality random number sources are available on most operating systems; for example /dev/random on various BSD flavors, Linux, Mac OS X, IRIX, and Solaris, or CryptGenRandom for Microsoft Windows.

However, most studies find that human subjects have some degree of non-randomness when attempting to produce a random sequence of e.g. digits or letters.

In addition, behavior of these generators often changes with temperature, power supply voltage, the age of the device, or other outside interference.

Wang and Nicol[19] proposed a distance-based statistical testing technique that is used to identify the weaknesses of several random generators.

Li and Wang[20] proposed a method of testing random numbers based on laser chaotic entropy sources using Brownian motion properties.

Most random number generators natively work with integers or individual bits, so an extra step is required to arrive at the canonical uniform distribution between 0 and 1.

The NSA is reported to have inserted a backdoor into the NIST certified cryptographically secure pseudorandom number generator Dual EC DRBG.

[31] There have subsequently been accusations that RSA Security knowingly inserted a NSA backdoor into its products, possibly as part of the Bullrun program.

Dice are an example of a mechanical hardware random number generator. When a cubical die is rolled, a random number from 1 to 6 is obtained.
Demonstration of a simple random number generator based on where and when a button is clicked