Even though computers are highly advanced these days, they actually cannot generate true random numbers on their own. Yes, they will be able to put up numbers in different orders, but that is not exactly “random.” In order for them to generate true random numbers, they would need to rely on outside sources. Now, what are these outside sources? Let us find out as we take a closer look at how computers are able to generate random numbers.
Generating Random Numbers
Computers can generate random numbers using a process called random number generation (RNG). The RNG involves a generation of several sequences of numbers and symbols that cannot be predicted by humans and even by other computers. Random number generation is said to have been the successor to other applications of randomness, such as rolling the dice, flipping the coin, and picking a card on a newly-shuffled deck. However, the random number generation is much more sophisticated than those mentioned methods, as it is harder to predict, and it puts up more numbers or symbols in the results.
Devices rely on randomly generated numbers for various applications, but it is mainly useful for cryptography, which is a method of protecting information inside the devices using random codes. Without RNG, devices would have a hard time fighting against hackers, as they would have easier access to a device’s data since the numbers and symbols within its algorithm are predictable. Computers and smartphones would usually utilize cryptography almost every time for maximum protection, and the RNG provides these devices with enough security to fend off attackers. Nowadays, RNG is an essential topic in the Ethical hacking course for businesses to help keep hackers at bay.
Two Types of RNG
To generate random numbers, computers rely on two types of random number generation, the first being true random number generation and the second being pseudo-random number generation.
The true random number generation relies on outside sources that are deemed “unpredictable,” such as the measurement of atmospheric noise around the device, the noise created by the computer and the environment’s temperature, and other “impossible to measure” factors. One of the most popular methods on how computers generate true random numbers is by measure the radioactive decay of an atom. According to scientists, measuring the exact radioactive decay of atoms is almost impossible, as the measurement changes from atom to atom. Because the said measurement has “true randomness,” computers rely on calculating it to create a random number that cannot be predicted and cannot be repeated.
To have a better idea of how true random number generation works, let us imagine that there is a deck of cards on a table. However, this deck of cards is peculiar because, for every draw of the player, that player will receive cards that he or she has never seen before, like eight of spades or zero of hearts, which are all cards that are not found on a normal deck. That’s how true number generation works, as it is always unpredictable and generates sequences that are often not yet seen.
The second type of RNG is the pseudo-random number generator, an alternative to true RNG if ever the computer fallback to re-seeded software whenever it exceeds its ability to generate a true random number, possibly due to limited outside sources. Instead of outside sources, the pseudo-random number generator relied on a completely determined and shorter initial value that is commonly known as a seed value. A seed value is the numbers found within the computer itself, so it will use those numbers to generate a random number. Because it relies on a seed value, pseudo-random numbers are not totally reliable when it comes to cryptography due to various reasons. One, the seed value can be seen or exploited by hackers, and once they have figured out the seed value in the computer, it would be easier for them to predict the numbers that will pop up in the RNG.
Let’s also use an example for us to have a better idea of how pseudo-random number generators work. Imagine that you have a deck of cards again on a table, but this time, the cards that you draw on the deck are the ones normally found there, like a king of hearts, ace of spades, and four of diamonds. Of course, if you already memorized all the cards found in a normal deck, you will have an idea on what card you will draw next, but there are only one out of 52 (total number of cards) chances that you will get the card that you wanted. For hackers, they may not find the cards that they are looking for immediately, but they will try to draw more sets of cards until they get the right combination of cards in their hands. For true RNG, they will have a harder time to draw the cards that they want, since the cards found in the deck are strange and unpredictable.
The pseudo-random number generator is usually only utilized by the computer if the true RNG fails to deliver random numbers, which happens rarely. Of course, there will be instances that true RNG will suffer an error, hence the reason why pseudo-random numbers are still being utilized until today. Both of these types of RNG are needed in order for computers to form better protection and security against cyber-attacks.