Random Number Generation

Started by
70 comments, last by ApochPiQ 8 years, 12 months ago

What specifically is the property that you seek, that is critical to your purpose, which you believe truly random data will give you, but no pseudo-random implementation possibly can?

In the best case, a well-chosen pseudo-random algorithm might in fact be able to give you data with that property.

And I wouldn't be surprised if in the worst case, seeding a well-chosen pseudo-random algorithm with small amounts of truly random data would be plenty sufficient to do so.

I know you explicitly asked to avoid pseudo-random algorithms, but I frankly doubt that your reason, which you have so far refrained from stating, is well founded. If you are looking to make some kind of exploit truly impossible, then what you seek is likely impossible. In the world of randomness and cryptography and such, the objective is generally to make things obscenely difficult, because most things cannot be proven impossible, and in many cases are actually proven possible, but it doesn't matter due to how astronomically difficult they are.

"We should have a great many fewer disputes in the world if words were taken for what they are, the signs of our ideas only, and not for things themselves." - John Locke

>If you are looking to make some kind of exploit truly impossible...

You just answered your own question. That's exactly what I need.

Even if you had true random number generation (you can buy such things, if you really want), it doesn't necessarily help all that much with security.

Most common security exploits don't attack the cryptographic function itself; rather, they attack the key exchange process. It's generally way easier to execute a Man-In-The-Middle attack by jacking the secure keys in transit than to crack even a moderately effective cryptographic pseudo-random number generator...

Tristam MacDonald. Ex-BigTech Software Engineer. Future farmer. [https://trist.am]

Whether truly random numbers exist is a question for philosophers, and not a particularly interesting one, from my point of view. But I'll give you a practical recipe to compute numbers that are random for all intents and purposes.

Let's say you need 100 megabytes of data. I would generate that much data using a variety of methods. Off the top of my head:
* a chunk of data extracted from /dev/urandom on a modern Linux system,
* a chunk from a compressed tar of all the files in your home directory,
* a chunk from a compressed file containing video captured from your webcam,
* [Add your favorite method[s] here].

Now take all those 100-megabyte blocks and XOR them together. The result is random mush. In some sense that can be made precise, the result is at least as random as the most random of the ingredients. Whatever you are trying to do with random numbers, these are good enough.
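
The XOR-combining recipe above, as an added example that is not part of the original thread: three constructed stand-ins for the ingredients (os.urandom for /dev/urandom, a repetitive pangram for the "compressed tarball of your home directory", and an all-zero block as the worst case) are XORed together, and a byte-frequency entropy estimate is reported for each input and for the result. The names `xor_blocks`, `bits_per_byte`, `mix_sources` and `correlated_inputs_cancel` are this example's own. The last function shows the caveat a practitioner would add to the post's "at least as random as the most random ingredient" claim: that holds only when the ingredients are independent, since a block XORed with a copy of itself cancels to zeros.

```python
import os
from collections import Counter
from math import log2


def xor_blocks(*blocks: bytes) -> bytes:
    """XOR any number of equal-length byte strings together."""
    n = len(blocks[0])
    if any(len(b) != n for b in blocks):
        raise ValueError("all blocks must be the same length")
    acc = int.from_bytes(blocks[0], "big")
    for b in blocks[1:]:
        acc ^= int.from_bytes(b, "big")
    return acc.to_bytes(n, "big")


def bits_per_byte(data: bytes) -> float:
    """Shannon entropy estimate of the byte distribution, from 0.0 to 8.0.

    A crude statistic: it exposes a biased or repetitive source but says
    nothing about predictability (a plain counter scores 8.0 by this measure).
    """
    n = len(data)
    return -sum(c / n * log2(c / n) for c in Counter(data).values())


def mix_sources(n: int = 1 << 16) -> dict:
    """Combine three constructed stand-ins for the post's ingredients and
    report the entropy estimate of each input and of their XOR."""
    urandom = os.urandom(n)                      # the /dev/urandom ingredient
    # Constructed stand-in for "a compressed tar of your home directory":
    # structured, repetitive text, far from uniform.
    text = (b"The quick brown fox jumps over the lazy dog. " * (n // 45 + 1))[:n]
    zeros = bytes(n)                             # worst case: a source that contributes nothing
    return {
        "urandom": bits_per_byte(urandom),
        "text": bits_per_byte(text),
        "zeros": bits_per_byte(zeros),
        "mixed": bits_per_byte(xor_blocks(urandom, text, zeros)),
    }


def correlated_inputs_cancel(n: int = 1024) -> bool:
    """The caveat: the argument needs independent ingredients. Two copies of
    the same block (or two chunks derived from the same file) XOR to zeros."""
    block = os.urandom(n)
    return xor_blocks(block, block) == bytes(n)


if __name__ == "__main__":
    for name, bits in mix_sources().items():
        print(f"{name:8s} {bits:.3f} bits/byte")
    print("self-XOR cancels:", correlated_inputs_cancel())
```

With 64 KiB blocks the urandom input and the mixed output both score close to 8.0 bits/byte, the pangram scores about 4.4, and the zero block scores 0; the XOR with the weak and empty ingredients has not hurt the strong one. The estimate only measures byte frequencies, so a passing score is necessary, not sufficient, for unpredictability.
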

Use your friendly neighborhood SSL library's random implementation to seed a deterministic PRNG which you then pull your megabytes from. Something like a Mersenne Twister, and re-seed at semi-regular random intervals.

If that's good enough for SSL, it should be more than enough for any game...

Edit: couldn't resist...

How can it be cryptographically secure if it's only pseudo-random? That doesn't sound secure at all!

The way this works is, you append some kind of entropy which you can collect from many sources (like, for example, nanoseconds since last received network packet) to a buffer, and run a secure hash function over it, which causes an avalanche effect on the input bits, creating a "more random looking" output. This can be repeated many times, with new entropy being added or no new entropy being added. In the latter case, the output will be merely pseudorandom, but it is still "cryptographically secure" insofar as there is no straightforward way of predicting the output.

If true random entropy is being added continuously, the output remains "truly random" (to some extent; it is only truly random if the number of entropy bits added is equal to or higher than the number of bits you pull from the generator, but in every practical respect it's "truly" random even if you pull a lot more anyway; you won't be able to show a difference).
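
The hash-based pool described in the post above, and the earlier suggestion of seeding from the library's CSPRNG and re-seeding at intervals, as one added example that is not code from the thread: `HashPool` is a toy generator invented here for illustration (use os.urandom or the `secrets` module for anything real). Entropy samples are appended to the state and run through SHA-256, output is derived by keyed hashing of a counter, and a simple credit counter tracks the post's caveat about output bits versus entropy bits added. `timing_sample` is a stand-in for the "nanoseconds since last received network packet" source.

```python
import hashlib
import hmac
import os
import time


class HashPool:
    """Toy entropy pool in the style the post describes. Illustration only."""

    def __init__(self, seed: bytes, credit_bits: int = 0):
        self.state = hashlib.sha256(b"pool-init" + seed).digest()
        self.counter = 0
        self.credit_bits = credit_bits        # entropy we believe has gone in
        self.output_bits = 0                  # bits handed out so far

    def add_entropy(self, sample: bytes, credit_bits: int = 0) -> None:
        """Append a sample and hash: every input bit affects every state bit
        (avalanche). credit_bits is the caller's estimate of how unpredictable
        the sample really was; an uncredited sample still gets mixed in."""
        self.state = hashlib.sha256(self.state + sample).digest()
        self.credit_bits += credit_bits

    def generate(self, nbytes: int) -> bytes:
        """Derive output by HMAC-SHA256 of a counter under the current state,
        then replace the state with a hash of itself so that a later compromise
        of the pool does not reveal earlier output (an addition to the post's
        description, not part of it)."""
        out = bytearray()
        while len(out) < nbytes:
            self.counter += 1
            out += hmac.new(self.state, self.counter.to_bytes(8, "big"), hashlib.sha256).digest()
        self.state = hashlib.sha256(b"ratchet" + self.state).digest()
        self.output_bits += 8 * nbytes
        return bytes(out[:nbytes])

    def entropy_debt(self) -> int:
        """Output bits beyond credited input bits. At 0 the output is still
        covered by fresh entropy; above 0 it is 'only' computationally
        unpredictable, which is the post's 'merely pseudorandom' case."""
        return max(0, self.output_bits - self.credit_bits)


def timing_sample() -> bytes:
    """Stand-in for 'nanoseconds since last received network packet'."""
    return time.monotonic_ns().to_bytes(8, "big")


def same_seed_no_new_entropy(seed: bytes) -> bool:
    """Two pools seeded identically and never fed again agree exactly."""
    a, b = HashPool(seed), HashPool(seed)
    return a.generate(32) == b.generate(32)


def same_seed_with_new_entropy(seed: bytes) -> bool:
    """One pool receives a single constructed one-bit sample; outputs diverge."""
    a, b = HashPool(seed), HashPool(seed)
    a.add_entropy(b"\x01", credit_bits=1)
    return a.generate(32) == b.generate(32)


def reseeding_generator(total: int, chunk: int = 1024) -> bytes:
    """Seed from the OS CSPRNG and re-seed every `chunk` bytes, as suggested
    earlier in the thread; the timing sample is mixed in but credited 0 bits
    because we cannot vouch for its unpredictability."""
    pool = HashPool(os.urandom(32), credit_bits=256)
    pool.add_entropy(timing_sample())
    out = bytearray()
    while len(out) < total:
        out += pool.generate(min(chunk, total - len(out)))
        pool.add_entropy(os.urandom(32), credit_bits=256)
    return bytes(out)


if __name__ == "__main__":
    print("deterministic without new entropy:", same_seed_no_new_entropy(b"seed"))
    print("identical after one extra bit:    ", same_seed_with_new_entropy(b"seed"))
    print("reseeded stream bytes:            ", len(reseeding_generator(4096)))
```

The two comparison functions make the post's distinction concrete: with no new entropy the generator is a deterministic function of its seed, so anyone holding the seed reproduces the stream; one extra input bit changes every output bit because the hash mixes it through the whole state. The credit counter only tracks what the caller claims, so overcrediting a weak source (a coarse clock, a predictable packet timing) is the failure mode to watch.
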


Are you kidding me? That website limits it to 16k? WTF am I supposed to do with 16k?!

No kidding, generating 16k true random numbers is very hard. And, nobody really needs that much random data.

braindigitalis, this isn't actually for a game - that's why I put it in the general programming section, but wasn't really sure where it belonged - I just thought you all might have some ideas, that's all.

>And, nobody really needs that much random data.

samoth, http://en.wikipedia.org/wiki/One-time_pad

Now you're just sounding paranoid! The only organizations with the need to use such a method are not going to ask how to do so here! Whatever you're trying to encrypt isn't nearly as important as you may think. ;)

For some reason this comes to mind.

>Whatever you're trying to encrypt isn't nearly as important as you may think.

But it is, TO ME.
