### What is it?

**Randomness** is maybe something people do not think so much about. But:

TRUE RANDOMNESS IS VERY IMPORTANT!

*This post is only a “gentle introduction” to this whole randomness-field.*

Originally it’s a big rabbit-hole filled with interesting science. So beware: It’s way too easy to use a several thousand hours reading research articles and discussions regarding this *magic*.

When talking more about this is an important term: **Entropy**:

In information theory, the

entropyof a random variable is the average level of “information”, “surprise”, or “uncertainty” inherent to the variable’s possible outcomes.

So a **true ***random number* isn’t possible to guess even if you know **EVERYTHING** that has happened already.

**But what is random?** Is it only numbers **uniformly distrubuted**?

But what about series such as *1,2,3,4,5,6,7…*?

They are uniformly distributed, but it seems like it’s possible to guess the next number with fairly high level of success…

### But why do we need it?

In today’s**information society**true randomness is a very important(

**!!**).

It was also rather important in earlier times. One funny example of randomness-usage is **the Athenian democracy**. Continue reading this article on ** the History of randomness** on Wikipedia for more!

Since has the level of importance multiplied many times.

Maybe most of all plays *randomness* an **important** role in several kinds of communication and in modern cryptography.

If a perpetrator is capable of guessing the next *random* number created by a system you want to securely communicate with (e.g. your precious online banking), they might get access to it.

### How do we create it?

There exist several *kinds* of random numbers. And because *true random* can be quite hard to generate (+ we do not need it “all the time”), do we divided the field down to many sub-categories:

**TRNG/HRNG**:*Hardware/True Random Number Generators*creates “true random numbers”- This is done by
*fetching entropy*from something physical.

- This is done by
**PSRNG**:*Pseudorandom Number Generators*is what is mostly used today- They create a number that appears to be
But they are completely deterministic and the series of numbers are repeatable after X instances.**random.** - They depend (heavily!) on the starting condition (seed).
- They can create “random” number sequences easily, but all “randomness” depends on this initial seed
- If the
*seed and algorithm*gets into the wrong hands + they discover “where you are in the sequence” is it possible to guess what the next number will be! - Later in this post we will implement a simple PSRNG-generator!
**Here**is a hack on the much used`xorshift128`

.

- They create a number that appears to be
**CRNG**:*Cryptographically Secure Pseudorandom Number Generator*- This is pseudorandom number generator that also is suitable for some
**crytography**-use. - The main difference between
and**PSRNG**is that**CRNG**,must comply with some special**CRNG****requirements**.

- This is pseudorandom number generator that also is suitable for some

### A pseudorandom number generator

As we have talked about earlier is pseudorandom numbers relatively easy to generate. But the “random quality” depends very much on the *seed quality!
*

The seed numbers needs to contain a high level of entropy/true randomness.

We implemented a simple * simple *32-bit

`xorshift`

algorithm as shown **here**.

With the seed`0x770E`

, was the resulting *Random* sequence:

`723471715, 2497366906, 2064144800, 2008045182, 3532304609, 374114282, 1350636274, 691148861, 74685895, 2653896249...`

YES, with the same algorithm and seed can you create the same sequence!

So you should create the seed-value with care! E.g. fill it with *entropy* by measuring something noisy/”*random*” process or taking the time on a **human** button-press etc.

The implemented * PSRNG *was used to create the featured image in this blog post. To do that we used it to create 1920 * 1080 = 2 073 600 “

*random*” numbers.

As explained in the **theory behind the algorithm** is the period 2^{32}−1. This makes it impossible to spot a repeating pattern in the image (2 073 600 << 2^{32}−1).

Note that this is a

NON-cryptographically-secure random number generator

And here is the same “*random*” number sequence (the image without text) as an audio-file (1920*1080 numbers converted to a 48 kHz mono audio file):

To show this weakness, here is an illustration of PHP `rand()`

, can you spot the repeating pattern:

### Final thoughts

This was only the top of the big *randomness*–**iceberg**.

Hopefully with this light introduction you will appreciate * the randomness* while logging into your Bank the next time.

**Is it possible to test my random number generator?**

*Short answer:* Yes and a bit no.

*Longer answer:* There exist several tools for this, but the the **DIEHARD TEST SUIT** is often something used.