Sometimes problems that seem easy are actually difficult. A perfect example is the generation of random numbers. In the physical world, it’s easy – we can roll dice, draw a card from a deck, or spin a wheel. Electronic circuits play by different rules. We’ve spent decades developing devices that behave consistently, and software that executes the same way every time. They’re the very opposite of random.
Why do we need randomness? One application is in gaming. If you want to simulate a turn-based board game, your electronic device needs to roll the dice. A more critical use is in encryption, the technology that keeps our conversations and financial transactions private. Random numbers allow us to create numeric keys, which can then convert readable data to gibberish and back again.
The simplest approach is a PRNG or pseudo-random number generator. We say “pseudo” because mathematically, it’s not really random, though the function is complex enough to seem that way. A commonly used algorithm is the linear congruential generator, which is the basis of the Unix function “rand.” It’s fast, efficient, and requires minimal memory.
This method is fine for games, but for encryption, the stakes are higher. A hacker trying to break into a secure system might discover how the numbers are generated and use them to guess at keys. It’s not easy, but if the attacker is sufficiently motivated, it could be a serious weakness.
Why not use a hardware-based solution to achieve real-world randomness? People have tried different approaches. Fourmilab’s Hotbits service monitors the decay of a radioactive source. The website random.org uses a sensor to convert atmospheric noise to numeric values. The drawbacks include the cost of the hardware and the relative slowness of true random number production. At Fourmilab it’s only 100 bytes per second, which is why they support requests for large sequences by sending out data which they’ve already generated.
A while back I thought of making a USB-type device to create random numbers for a PC. Somebody beat me to it. Simtec electronics has a product called the “Entropy Key” which contains “two high-quality noise generators” to create the requisite random data. They cost around $50 each in small quantities, not including shipping. Their website says they have none in stock and there is a long wait, so I wonder if they are still producing them. Another company, called idquantique, provides random number modules incorporated in PC add-on boards, but these cost hundreds of dollars apiece.
Randomness, like air and water, is something we take for granted. In everyday life, we get randomness for free. In the computer world, however, it can be rather expensive.
If you enjoy stories where the unexpected happens, get my short e-book Found Pet, in which a man who adopts a cute furry animal gets more than he bargained for.