# How do software engineers produce randomness?

Asked by xgunther (446) December 20th, 2007 from iPhone

like a shuffled deck of cards for example.

Observing members: 0 Composing members: 0

In Visual basic, you can do so using a random number generator (Dim——- as new Random)

In Java, you use the “Random” class to generate random integers between 0 and N

For c++, i think you use the “rand” function ( i havent done c++ since sophomore year in HS)

mirza (5042)

There are mathematical functions called pseudorandom number generators. You take a number, called the seed, and you do this function on it, then store the result and only look at the rightmost four (for instance) digits. The next time you need a random number, you do the same function on the number you stored, store that result, and only look at the rightmost four digits. You repeat this as necessary.

(The actual function is much more complicated, but that’s the general idea.)

The problem with this approach is that it’s pseudo random—it’s not really random, because if you know what the seed is, you can duplicate the entire series of numbers.

This is usually wrapped up in a library for whatever language you are using—Mirza offers a summary of a couple ways to use that library.

Some machines have special hardware that pays attention to things like the timing interval of keypresses and uses that to generate a truly random number.

Once you have a source of randomness, either real random numbers or pseudorandom numbers, you can then use them to shuffle decks of cards or roll dice or whatever else you need to do to generate enough randomness.

cwilbur (14194)

thanks for some awesome answers. Yeah, I always thought it was pseudo random, it always boggles my mind when I think of artificial randomness.

Thanks again!!

xgunther (446)

Nothing is truly random in certain philosophical senses, but things taken out of context and proportion appear and can be effectively or perceptively random, and lots of things are unknown. Just about every computer has timer functions, or can be programmed with one, and then has some sources of randomness, such as the above-mentioned keypresses. Those can be used every time, or simply used as a way to generate a random seed for pseudo-random numbers.

Some security-oriented companies actually sell supposedly very-random numbers. Pretty funny concept.

Zaku (24539)

c++ does random through the rand function, but its not truly random until the object is seeded with a function called srand(time(0)) and seeds based on seconds that have passed since January 1, 1970, throws it into a big equation and spits out an answer. since the seconds are always increasing you will always get a different answer.

and cwilbur im in the same boat as you with always having my mind boggled when thinking about artificial random. not really random now is it?

Suppose I write a program that seeds a pseudo-random number algorithm with the input from the millisecond clock at the moment you press the button to ask for a random number. Would you say that was any more or less random than the result of rolling a die, or spinning a roulette wheel? Really depends on how you define randomness, no?

Zaku (24539)

damn you zaku, making me think all deep like and stuff. ^_^ i would still think a roulette wheel or rolling die would be more “random” but then again are they really all that random themselves? after all they are both strongly influenced by the person that is spinning or rolling each respectively.

Yes. In fact, there are people who develop SKILL in rolling dice and spinning wheels to generate a certain result (generally by limiting the motion). I’d propose that the program I mentioned is actually more random, because there is no way to see what the computer is doing or control motion to the millisecond level.

… UNLESS the player is another computer, which is why the security companies guarding and selling entropy actually makes some sense. E.g., if someone knows the algorithm being used, they might be able to use some sample results and accurate time synch to know when to press to get a certain result. Since some computers actually do guard data that could have major impacts if they were compromised, this is actually considered a real kind of risk.

But of course, it does depend on how one chooses to define randomness.

Zaku (24539)

If you’re interested in more information about how random numbers are generated in practice, this is an interesting paper about the Linux Random Number Generator, which is one of the most commonly used in the world.

It turns out that it gathers entropy from key presses, mouse events, disk seek times, and other hardware interrupts. If you’re very interested, you can read about the analysis of the security of this RNG.

rictic (85)

or