Pseudorandomness is a measurement of the degree to which a sequence of numbers, though appearing to be random, is produced by a deterministic and repeatable process. True randomness is a stochastic quality of a sequence which has a probability distribution or pattern that may be analyzed statistically but may not be predicted precisely. Pseudorandom sequences are easier to produce than truly random sequences, and the seeming randomness is the basis for many security applications.
Not all “random” selections even qualify as pseudorandom. For example, systems that “randomly” sequence music tracks can appear to be random on first listen but often include restrictions such as not allowing the same item to appear two or more times in succession or selecting specific music types to follow each other.
Two principal methods are used to generate random and pseudorandom numbers, and a third method is emerging. The use of naturally-occurring physical phenomena can be used to produce the highest level of randomness. Atmospheric or thermal noise and other electromagnetic radiation sources, such as cosmic background radiation or radioactive decay, measured over short time periods can be used as entropy sources to make true random number generators (TRNGs).
Depending on the physical phenomena being measured, natural sources of entropy can be harvested at varying rates. Because of these rate limitations, it takes a finite block of time to harvest enough entropy for the process to proceed, and these sources are called “blocking.” As a result, TRNGs can be relatively slow, depending on the entropy source’s availability and/or strength.
Online services exist that use entropy sources to generate true random numbers. They offer both free and paid services. Random.org uses atmospheric noise as the basis of its random number generation. Radioactive source decays are completely unpredictable, and they are easy to detect, measure, and enter into a computer. That can avoid or at least minimize the “blocking” effect described above. The HotBits service from Fourmilab is an example of a TRNG based on radioactive decay.
Computational algorithms are a common method for producing long sequences of pseudorandom numbers. A shorter initial value completely determines the resulting sequences, called the seed value or key. If the key is known, pseudorandom sequences can be reproduced. Pseudorandom number generators (PRNGs) do not rely on natural entropy sources, but hybrid systems exist that periodically use natural entropy to increase the “randomness” of the process. PRNGs are non-blocking, are not rate-limited, and can produce varying strings of pseudorandom numbers on command.
A PRNG that is sufficiently random for security and encryption applications are called cryptographically secure pseudorandom number generators (CSPRNGs). Fortuna is an example of a CSPRNG. Fortuna generates cryptographically secure pseudorandom numbers on a computer. It can also be used as a TRNG, accepting random inputs from analog random sources. And like PRNGs, CSPRNGs can take a hybrid approach combining natural entropy (when available) with the basic computational algorithms.
Quantum random number generators (QRNGs) are an emerging area in pseudorandom number generation. QRNGs are being explored for use in artificial intelligence, Monte Carlo simulations, and sampling processes, as well as cryptography. While QRNGs are theoretically unpredictable, there are still challenges to implementation due to device and process imperfections. Similar to theoretically secure quantum key protocols, real QRNG implementations are limited in performance. For QRNGs, there are tradeoffs between a higher level of performance and reduced overall implementation efficiency.
QRNGs are expected to find near-term application in machine learning models such as neural networks and convolutional neural networks. They can be used for random initial weight distributions and for producing random splitting processes, enhancing machine learning compared with PRNGs.
There is a growing need for random and pseudorandom numbers in various applications ranging from security to artificial intelligence and machine learning. As a result, it is important to understand the available options and their performance differences.
