Pseudo-random vs true random · Mersenne Twister · Cryptographically secure random numbers · Practical application scenarios
Random numbers are an essential and fundamental component in modern computing. From sweepstakes on your phone to encrypted communications in banking systems, from scientific simulations to drop mechanics in games, random numbers are everywhere. However, there are profound mathematical and engineering questions behind the word "random" - can computers really generate truly random numbers? Which random number generator should be chosen in different scenarios? This article will systematically answer these questions.
A computer is essentially a deterministic machine: given the same input, it always produces the same output. So how does it generate seemingly random numbers? The answer is the pseudorandom number generator (PRNG).
A PRNG takes an initial value (called the seed) as a starting point and generates a sequence of numbers through a specific mathematical algorithm. These numbers appear random in a statistical sense, but are in fact completely determined by the seed and the algorithm. Given the same seed, a PRNG produces exactly the same sequence every time; that is what "pseudo" means.
💡 Key feature: the sequences a PRNG generates are deterministic and reproducible. This is very useful in testing and debugging, because you can reproduce random behavior with a fixed seed.
The most classic PRNG algorithm is the linear congruential generator (LCG), proposed by Lehmer in 1951. The formula is extremely simple:
X(n+1) = (a × X(n) + c) mod m
where a is the multiplier, c is the increment, and m is the modulus. For example, the rand() function in the C standard library is usually implemented as an LCG. Although simple and efficient, an LCG has obvious flaws: poor randomness in the low bits, a short period, and uneven distribution in multiple dimensions.
| Advantage | Shortcoming |
|---|---|
| Fast and extremely low computational overhead | The output is predictable and not suitable for security scenarios |
| Reproducible for easy debugging and testing | Statistical properties may be less than ideal |
| No special hardware support required | If the seed is leaked, the entire sequence is exposed |
Unlike a PRNG, a True Random Number Generator (TRNG) exploits the unpredictability of physical processes to generate random numbers. These physical processes include:
Modern processors usually have a built-in hardware random number generator. Intel/AMD processors provide hardware random numbers through the RDRAND and RDSEED instructions, which exploit thermal noise as a source of entropy. On Linux systems, /dev/random and /dev/urandom collect various physical events in the system (disk read times, network packet arrival intervals, etc.) into an entropy pool.
| Advantage | Shortcoming |
|---|---|
| True unpredictability | Slow generation |
| Not affected by seeds | Requires special hardware or entropy source |
| Suitable for cryptography and security scenarios | Not reproducible, not conducive to debugging |
Mersenne Twister is one of the most widely used PRNGs and was proposed by Makoto Matsumoto and Takumi Nishimura in 1997. Its name comes from the length of its period, which is a Mersenne prime.
MT19937 has become the default random number generator for many programming languages:
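```python
# Python
import random

random.seed(42)  # the random module uses MT19937
print(random.randint(1, 100))
```

```javascript
// JavaScript (using a third-party library)
// MersenneTwister is provided by that library; it is not built into the language.
const mt = new MersenneTwister(42);
console.log(mt.random());
```

```java
// Java
import java.util.Random;

// Seeded, reproducible PRNG. Note: java.util.Random itself is a 48-bit LCG, not MT19937.
Random rand = new Random(42);
System.out.println(rand.nextInt(100));
```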
⚠️ Important warning: Mersenne Twister is not suitable for cryptographic purposes. Once 624 consecutive outputs have been observed, its internal state can be deduced and all subsequent outputs can be predicted.
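The state recovery described in the warning above, as an added example (not code from the original article) run against Python's `random` module. The function names and the seed are constructed for illustration; the example shows why a token minted from MT19937 offers no secrecy and ends with the `secrets`-based replacement.

```python
import random
import secrets

def _undo_right(y, shift):
    # Invert y = x ^ (x >> shift); each pass fixes `shift` more high bits.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x

def _undo_left(y, shift, mask):
    # Invert y = x ^ ((x << shift) & mask); each pass fixes more low bits.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x

def untemper(y):
    # MT19937 tempering is four invertible steps; undo them in reverse order.
    y = _undo_right(y, 18)
    y = _undo_left(y, 15, 0xEFC60000)
    y = _undo_left(y, 7, 0x9D2C5680)
    return _undo_right(y, 11)

def clone_from_outputs(outputs):
    # 624 consecutive 32-bit outputs are the whole internal state, tempered.
    if len(outputs) != 624:
        raise ValueError("need exactly 624 consecutive 32-bit outputs")
    state = tuple(untemper(o) for o in outputs)
    clone = random.Random()
    # (version, 624 state words + index, gauss_next). Index 624 makes the
    # next call run the state update, which is where the observed RNG stands.
    clone.setstate((3, state + (624,), None))
    return clone

def demo():
    app_rng = random.Random(20240101)  # constructed seed for the demo
    observed = [app_rng.getrandbits(32) for _ in range(624)]
    clone = clone_from_outputs(observed)
    # A "session token" minted from the PRNG is known to the clone in advance.
    weak_token = "%032x" % app_rng.getrandbits(128)
    predicted = "%032x" % clone.getrandbits(128)
    # The fix: secrets draws from the OS CSPRNG and has no recoverable state.
    safe_token = secrets.token_hex(16)
    return weak_token, predicted, safe_token
```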
A Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) adds a cryptographic security guarantee on top of a PRNG: even if an attacker knows the previous outputs, they cannot predict the next output in polynomial time.
| Characteristic | PRNG (such as MT19937) | CSPRNG |
|---|---|---|
| Predictability | Predictable once the state is known | Next output cannot be predicted even if previous outputs are known |
| Speed | Extremely fast | Slower (but still acceptable) |
| Statistical properties | Excellent | Excellent |
| Applicable scenarios | Simulation, games, testing | Key generation, tokens, encryption |
```python
# Python
import secrets

secure_token = secrets.token_hex(16)    # secure random hexadecimal string
secure_number = secrets.randbelow(100)  # secure random number from 0-99
```

```javascript
// Node.js
const crypto = require('crypto');
const token = crypto.randomBytes(32).toString('hex');
const number = crypto.randomInt(1, 101);  // 1-100: the upper bound is exclusive
```

```java
// Java
import java.security.SecureRandom;

SecureRandom sr = new SecureRandom();
byte[] bytes = new byte[32];
sr.nextBytes(bytes);
```

```go
// Go
import "crypto/rand"

b := make([]byte, 32)
_, err := rand.Read(b) // fills b from the operating system's CSPRNG
if err != nil {
	panic(err) // never continue with an unfilled buffer
}
```
Modern CSPRNGs typically use the following architecture: seeds from multiple entropy sources (hardware noise, system events, timers, etc.) are collected and then expanded into longer random sequences by cryptographic algorithms (e.g., AES-CTR, ChaCha20, Hash-DRBG). The Linux kernel's /dev/urandom uses the ChaCha20 algorithm, while CryptGenRandom on Windows uses SHA-256 at its core.
Online lotteries are the most common application scenario for random numbers. The random numbers here need to meet two core requirements: fairness and uncontrollability.
Recommended practice: Use CSPRNG to generate random numbers and publicly record the generation process (such as using a random number beacon on the blockchain) to ensure that the lottery results are auditable. Risetop's random number generator tool provides multiple modes to help you choose the appropriate random number type according to the scenario.
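One way to make a draw auditable, as an added example that is not from the original article: it uses a simple hash commitment (publish the digest before the draw, reveal the seed afterwards) rather than the blockchain beacon mentioned above. The function names and the `draw:` label are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def new_commitment():
    # Operator side, before entries close: pick a CSPRNG seed and publish
    # only its SHA-256 digest. The seed itself stays secret until the draw.
    seed = secrets.token_bytes(32)
    return seed, hashlib.sha256(seed).hexdigest()

def draw_winner(seed, entrants):
    # Deterministic seed -> winner mapping that anyone can recompute.
    ordered = sorted(set(entrants))  # canonical order, duplicates removed
    n = len(ordered)
    if n == 0:
        raise ValueError("no entrants")
    limit = (2**64 // n) * n  # largest multiple of n not exceeding 2**64
    counter = 0
    while True:
        msg = b"draw:" + counter.to_bytes(4, "big")
        block = hmac.new(seed, msg, hashlib.sha256).digest()
        value = int.from_bytes(block[:8], "big")
        if value < limit:  # rejection sampling avoids modulo bias
            return ordered[value % n]
        counter += 1

def verify_draw(commitment, revealed_seed, entrants, claimed_winner):
    # Auditor side: the revealed seed must match the earlier commitment and
    # must reproduce the announced winner from the published entrant list.
    digest = hashlib.sha256(revealed_seed).hexdigest()
    if not hmac.compare_digest(digest, commitment):
        return False
    return draw_winner(revealed_seed, entrants) == claimed_winner
```

The commitment only proves that the seed was fixed in advance; the entrant list must also be published and frozen before the seed is revealed.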
The Monte Carlo method uses a large number of random samples to approximately solve mathematical problems and is widely used in financial pricing (option pricing), physical simulation (particle transport), engineering optimization and other fields. In this kind of scenario, the statistical quality of the random numbers is extremely demanding, but cryptographic security guarantees are not required. The Mersenne Twister is ideal: it is fast, uniformly distributed and has a long period.
Uses of random numbers in games include: damage variation, critical-hit determination, item drops, map generation, AI decision-making, etc. Key considerations:
A CSPRNG is a must for any scenario involving security: generating random values for passwords, API keys, session tokens, encryption keys, SSL certificates, etc. Using plain PRNGs is a common source of security vulnerabilities.
| Scenario | Recommendation | Reason |
|---|---|---|
| Monte Carlo simulation | Mersenne Twister | High speed, long period, good statistical quality |
| Game development | Mersenne Twister / xoshiro | Fast, can fix seeds |
| Sweepstakes | CSPRNG | Fairness requirement |
| Key/token generation | CSPRNG | Security requirements |
| Unit testing | Fixed-seed PRNG | Results are reproducible |
| Machine learning | Mersenne Twister / NumPy | Good ecosystem compatibility |
The default random() in most languages uses a PRNG (usually MT19937), which is far from enough for security and encryption scenarios. It is important to distinguish between "statistical randomness" and "cryptographically secure randomness".
A TRNG is slow and not reproducible, and in many scenarios it is less practical than a PRNG. Which one you choose depends on specific needs, not on an absolute "good or bad".
For a PRNG, seed complexity does not increase security, since the algorithm itself is reversible. Only a CSPRNG can benefit from complex seeds.
Computers are inherently deterministic machines, but can generate truly random numbers by collecting unpredictable events from the physical world (thermal noise, user actions, etc.). Modern CPUs often have built-in hardware random number generators, and the operating system provides TRNG services through an entropy pool.
Not safe. Although MT19937 has excellent statistical properties, it is not cryptographically secure. After observing 624 consecutive outputs, the attacker can deduce the internal state. Security scenarios such as key generation must use CSPRNG.
CSPRNG must be used (such as Python’s secrets module, Node.js’ crypto.randomInt). It is also recommended that the seed source and generation process be publicly recorded and subject to third-party audits to ensure fairness.
The random module uses Mersenne Twister, which is fast but predictable and suitable for simulations and games. The secrets module uses the CSPRNG provided by the operating system, which is secure but slightly slower and suitable for key and token generation.
Fixed seeds allow PRNG to produce exactly the same sequence, which is very important in debugging, unit testing, and scientific experiment reproduction. For example, fixing seeds during machine learning training can ensure reproducible results.