Ever since the antiquity, random number generation has played an important role both in common everyday life activities, such as leisure games, as well as in the advancement of science. Such means as dice and coins have been employed since the ancient times in order to generate random numbers that were used for gambling, dispute resolution, leisure games, and perhaps even fortune-telling. The theory behind the generation of random numbers, as well as the ability to potentially predict the outcome of this process, has been heavily studied and exploited by mathematics, in an attempt to either ensure the randomness of the process, to gain an advantage in correctly predicting its future outcomes, or to approximate the results of rather complicated computations. Especially in cryptography, random numbers are used due to the aforementioned properties, so that attackers have no other option but to guess the secret. This fact, in conjunction with the ongoing digitalisation of our world, has led to an interest in random number generation within the framework of computer science. In this context, random number generation systems are classified into two main categories: pseudorandom number generators and true random number generators, with the former generating sequences of numbers that appear to be random, but are in fact completely predictable when the initial value (being referred to as the seed) and conditions used for the number generation process are known, and with the latter generating truly random sequences of numbers that can only be predicted (correctly) with negligible probability, even if the initial value and conditions are known.
The term "random number generation" refers to the production of numbers (in a very broad sense) in such a manner that there is, ideally, no way in which the outcome of this production process can be predicted. Ever since the antiquity, random number generation has played an important role both in common everyday life activities, such as leisure games, as well as in the advancement of science. One of the oldest ways in which humans generated random numbers has been through the use of dice. It does not seem to be known when dice were invented, but they have been employed since ancient times, alongside with coin flipping, for predicting the future, decision-making, fortune-telling, gambling, dispute resolution, and leisure games. However, coin tosses are known to have a certain bias, which has been studied extensively[1]. In addition, coins could even rarely land on the edge, rendering the result useless[2]. Modern usages of random numbers include Monte Carlo experiments, game decisions, and even Cryptography (see also Cryptographically-Secure Pseudorandom Number Generator).
Random Number Generators, which are usually machines, hardware, and/or software that automate the generation of random numbers, are often abare often abbreviated and referred to as RNGs. To this end, the ancient method of coin tossing to produce a, most usually, binary outcome, can essentially be viewed as a forerunner of modern binary RNGs, whereas dice throwing can be considered as a forerunner of high-entropy RNGs that allow for an even higher number of outcomes. It is also important to note here that in the context of random number generation, the term "number" does not exclusively refer to a mathematical number, but rather to the actual outcome of the hard (and, ideally, impossible) to predict process that is referred to as "random number generation", in the sense that a coin toss or a die throw would still be considered as random number generation, especially if the outcome of these processes was unbiased, even if the sides of the relevant coin(s) and di(c)e did not depict any numbers.
An RNG should have four desirable properties:
The coin toss mentioned above does not exactly fully exhibit fil these characteristics, but can still provide sufficiently random numbers for everyday use.
The two main types of RNGs are called True RNGs (TRNGs) and Pseudo-RNGs (PRNGs). These two types of RNGs can, usually, only be distinguished through the study of a high amount of the numbers that they produce as outcomes.
A TRNG is able to generate random numbers that can only be predicted (correctly) with negligible probability, even if the initial value and conditions are known. TRNGs are typically slower than PRNGs and may additionally be biased. For debiasing, most often von -Neumann -correction is deployed[3]. It is worth mentioning that most quantum effects appear to be truly unpredictable and random, leading to TRNGs that are based on quantum mechanics.
A PRNG can generate sequences of numbers that appear to be random, but are in fact completely predictable when the initial value (being referred to as the seed) and conditions used for the number generation process are known. PRNGs are usually algorithms or simple mathematical formulae, making them faster than TRNGs at the cost of determinism.
On a more general note, the concepts of determinism and randomness are rather hard to fully define. In particular, most processes that appear to be random are rather dependent on the unpredictability of their initial conditions and of the overall physical system. For example, the movement of a leaf in the wind should be fully predictable, if all the relevant parameters are known with extremely high detail, yet in practice, it is rather unpredictable in the general case. In the same fashion, the output of PRNGs may sometimes successfully pass even the most rigorous statistical tests, even though it is completely deterministic. For example, a coin toss and a die throw are also rather fully deterministic processes, at least in the general case, which, however, are most often considered as random. To this end, one should refer to chaos theory, and the way in which minor variations affect the overall time progression of a system in such a way that two or more entirely different outcomes are possible due to them. A similar example from the digital world would be a hash function that exhibits the avalanche effect: for slightly different inputs, it produces totally different outputs. If such a hash function is employed for the production of a series of numbers, by feeding it its output to produce a new number, the outcome may appear as random, especially if this function produces really long numbers, but it will always be fully deterministic and predictable.
A concept somehow similar to that of a PRNG is that of a Physical Unclonable Function, where minor variations lead the system to reach a rather stable state, which appears as unpredictable, and thus "unclonable". In this case, every time the physical system is queried, the result is almost the same; thus, a PUF produces an output that can be considered as similar to that of a PRNG that is not biased towards a particular digit (a particular outcome that would occur almost every time), but is extremely biased towards a particular series of digits (a series of outcomes that occurs almost every time).
This section lists some commonly used and newly proposed RNGs.
Most RNGs are prone to some kind of attack. Attacks on PRNGs include, but are not limited to[15]: