How do computers generate random numbers?
At first glance, video games, gambling, and cryptography seem to have nothing to do with each other, but in reality, they all use 'random numbers ', and modern people's lives cannot be established without random numbers. Better Programming, a programming-related blog, explains how such random numbers are generated by a computer.
Generating Random Numbers Is a Lot Harder Than You Think | by Sunny Beatteay | Sep, 2021 | Better Programming
If you want to use random numbers in programming, for example, use methods such as 'rand' for Ruby and 'random ()' for Python. What is generated at this time is a pseudo-random number obtained by calculation, not a completely random number.
In the first place, a computer is a logical machine that 'inputs data and outputs data', and in order for a computer to generate random numbers, it needs data that is the source of random numbers. What kind of data is the source of this random number depends on the random number generator, and according to Better Programming, there are two main types of random number generators.
One is called ' Pseudo-random number generator (PRNG) '. To generate a number with this PRNG, you need two specific numbers, a 'seed value' and a 'random number generation algorithm'. Random number generation algorithms used for PRNG include ' square extraction method ', ' linear congruential method ', ' linear feedback shift register ', and ' Mersenne Twister '.
PRNG cannot generate perfect random numbers, but it can generate seemingly random numbers quickly and inexpensively. Furthermore, if you prepare a specific seed value, reproducibility can be obtained, so it is also a big point that test operation is possible. That's why PRNG is often used for random methods in games and programming languages.
However, since the randomness of the number generated by PRNG depends on the seed value, there is also a vulnerability that the generation of the number can be predicted if the seed value is leaked. In fact, there is an example of a password manager in Kaspersky Lab, a security software, that had a problem getting seed values and made randomly generated passwords predictable.
The password generated by Kaspersky's password manager turned out to be able to break through the detonation velocity with a brute force attack, why on earth? --GIGAZINE
Therefore, the 'intrinsic random number generator (TRNG) ' randomly generates the data that is the source of random numbers. TRNG is characterized by using entropy instead of the seed value, which is a specific number, and can generate random numbers that are closer to perfection. Therefore, TRNG is used in the field of digital gambling such as dice, card shuffle, and roulette.
The question is how to use entropy as the data of the source of random numbers, which requires the parts that make up the computer to be random. TRNG produces highly random numbers by converting physical noise into digital 1s and 0s, using quantum phenomena such as memory volatility and the photoelectric effect.
On the other hand, TRNG has the disadvantage that it takes time to generate numbers. In addition, the data that is the source of random numbers requires entropy, so idle or new servers cannot create as random data as active servers.
Since PRNG and TRNG each have their weaknesses, they can be used without problems in video games and gambling, but they cannot be used in the field of cryptography, which requires high security. Therefore, the 'Cryptographically Pseudo-Random Number Generator (CSPRNG)' was devised, which achieves both the speed of PRNG and the security of TRNG.
CSPRNG is a generator that 'creates a seed value from a high-quality entropy source and inputs it into an algorithm to generate a highly secure random number.' In short, CSPRNG is a mechanism that 'generates a PRNG seed value with TRNG'. / Dev / random used in Unix-like OS and Linux uses this CSPRNG. Better Programming says, 'When you play video games, shuffle music, or call random numbers in programming, you want to know better about what's happening in your computer. '.
Related Posts: