Two of your three functions are easly, luckily.

Generating a full 2048-bit random number isn't particularly hard, nor is generating a N-bit number. Simply generate random bytes or words (or whatever is appropriate, according to the max value generated by your PRNG) and copy the raw bits into the memory buffer where the arbitrary precision number (or 2048 bit number) lives.

No special treatment necessary other than choosing a quality PRNG.

Then it isn’t very random.

Ordinarily, I'd agree, but how do I cast a 2048 bit number to a double?

The only valid approach is to use the __while-loop__ technique. Generate numbers and reject the ones that don't fit. As much as you may hate that idea, but if bias is not acceptable, there's hardly a way around.

Turning a double into a 2048 bit number works of course, but is an even worse approach than modulo. Modulo will bias your distribution, but it is at least mostly pseudo-random (actually it's not just* "mostly" *pseudo-random, it is pseudo-random, only biased), and it contains all possible numbers.

You only have 64 bits of information in a double, so deriving a 2048 bit number from that, 96.8% of the bits in that number will be non-random, no matter what you try (multiply, hash, whatever... the entropy isn't getting any bigger).

That's 1984 bits unused, so only about one in 10^{597} possible numbers can be generated (read as: you are using 0% of the possible numbers). For pretty much every application, that's catastrophic.

In order to make the while loop a bit less prone to having infinite runtime, you should first determine how many bits you need, and use your generate-N-bits random function rather than the full-range function. That way, the worst case likelihood that a number must be rejected can be reduced by about 50% (not more, unluckily, since 50% of the numbers with N bits fall into the range of the highest order bit, so in the worst case, if you chose a limit of 2^{n}+1, you will reject 49.999% of your numbers -- nasty, but that's still much better than rejecting 99.999%).

Not much more you can do about it *unless it is acceptable to have a bias*. If that is acceptable, you could just clear the highest bit if the generated number is above the threshold, or you could only regenerate the most significant NUM_WORD_BITS bits and try again, or you could subtract a pseudorandom constant. All of these will still produce "mostly random" values, but will be just as badly biased (or even worse!) as using a modulo would be.

**Edited by samoth, 17 March 2014 - 07:44 AM.**