Let’s talk about random number generation
Random numbers generation (RNG) is the process to create a sequence of numbers or symbols that can’t be easily predictable more than using the random chance is generated and it has an important job in our lives, they are used in the lottery, statistical sampling, simulations, cryptography, our current privacy on the internet relies on the RNG, even the hacker attacks rely on the RNG.
The real randomness depends on the measurement of uncertainty or disorder in a system that guarantees us that there will not be a pattern in the outcome given; in simple words, the real randomness can be found in the measurement of those environmental noises that can be unpredictable like thermal noise, photoelectric effect, etc.
So, how our computer can generate random numbers?
The architecture of the traditional computers makes them deterministic, this means that if you ask them the same question, always will give you the same answer, and it makes the computers bad to generate random results, but they can be imitated.
In the computer science field, we talk about two methods to generate random numbers: True Random Number Generator (TRNG), and Pseudorandom number generator (PRNG).
The True Random Number Generators are specific hardware that measures physical environment changes that can be impossible to model, normally those hardware has in-built translators to parse the physical events into electrical signals.
The Pseudorandom number generator is an algorithm that mimics the selection of a number to approximate true randomness using a mathematical formula meaning there will be always patterns and outcome values are determined by an initial value called the seed.
Knowing this we can ensure that an online poker game can be hacked if you know the algorithm and the initial seed used, with that simple information you will be able to determine what will be the next card to be dealt.
Where are the Random Number Generators used in computer science?
The most used case for the RNG is Cryptography, these random numbers are used in passwords salt, TLS nonce, TCP/IP sequence, ASLR offset, and the generation of keys to encryption systems. Without randomness, all crypto operations would be predictable and hence insecure.
Let’s review one of the use cases, the key generation, maybe when you were generating an SSH key pair for authentication using Putty software get asked to move your mouse in a blank area.
This is made to gather random values based on the user input, the computer reads information like the exact time when the mouse was moved and the moves that you're doing to get some entropy and provides an RNG value using that info, making your key more unpredictable.
Conclusions
Random numbers get a great role in the computer science field, the privacy of the users depends on the way those numbers or sequences are generated, even if the computers are deterministic they can generate real random numbers using special hardware to measure the real world and translate it in electrical signals.
Recommendations
If you want to dive more into this topic, I would like to recommend you some articles:
- Random Number Generators
- Hardware Number Generators
- Understanding Random Number Generations and their limitations, in Linux
- Can a computer generate a truly random number?
- UEFI entropy gathering protocol
And keep an eye on this Medium page to get in touch with the latest papers.
