The team behind OnlineTools4Free — building free, private browser tools.
Published Apr 1, 2026 · 7 min read · Reviewed by OnlineTools4Free
Random Number Generator: Cryptographic Randomness
Two Types of Random Numbers
Not all random numbers are created equal. In computing, there are two fundamentally different kinds of random number generation, and using the wrong one can range from mildly inconvenient to catastrophically insecure.
Pseudo-Random Number Generators (PRNG): These are algorithms that produce sequences of numbers that appear random but are entirely deterministic. Given the same starting value (seed), a PRNG produces the exact same sequence every time. JavaScript's Math.random(), Python's random module, and C's rand() are all PRNGs. They are fast and produce numbers with good statistical distribution — suitable for games, simulations, random sampling, and UI effects.
Cryptographically Secure PRNGs (CSPRNG): These generators produce numbers that are computationally infeasible to predict, even if an attacker knows the algorithm and has seen previous outputs. They draw from entropy sources — hardware events, operating system randomness pools, timing jitter — to ensure unpredictability. The Web Crypto API's crypto.getRandomValues(), Node.js's crypto.randomBytes(), and /dev/urandom on Linux are CSPRNGs.
The distinction matters for security. If you generate a password reset token using Math.random(), an attacker who can determine the PRNG's internal state (by observing a few outputs) can predict all future tokens and take over any account. If you generate the same token using crypto.getRandomValues(), predicting the next token requires breaking the underlying cryptographic primitive — computationally infeasible with current technology.
How PRNGs Work
A PRNG maintains an internal state — a number or set of numbers — and transforms it using a mathematical function each time a random number is requested. The output is derived from the state, and the state is updated for the next call. The sequence is periodic: eventually the state repeats, and the sequence cycles. The period length depends on the algorithm and the state size.
The Mersenne Twister, used by Python's random module and many other languages, has a period of 2^19937 - 1 — a number so large that it will never repeat in practice. Its state is 624 32-bit integers. The algorithm has excellent statistical properties: the output passes virtually all standard randomness tests. But it is not cryptographically secure — observing 624 consecutive outputs is enough to reconstruct the entire internal state and predict all future outputs.
The xorshift family of PRNGs trades some statistical quality for extreme speed. Xorshift128+ (used by the V8 JavaScript engine for Math.random()) uses just two 64-bit state variables and a handful of XOR and shift operations. It is very fast but has known weaknesses — certain bit patterns in the output are slightly more likely than others, and the low bits have shorter periods than the high bits.
Linear Congruential Generators (LCGs) are the oldest and simplest PRNGs. They use the formula next = (a * current + c) mod m. C's rand() is typically an LCG. They are fast but have poor statistical properties — low-order bits cycle with short periods, and consecutive values show visible patterns when plotted in multiple dimensions.
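The determinism and short low-bit periods of an LCG can be measured directly. The following is an added example, not code from the original article; the multiplier and increment are the widely published Numerical Recipes constants with m = 2^32, an assumption made here because the article names no specific parameters.

```javascript
// Constructed example: Numerical Recipes LCG constants (assumed; the
// article names none). The modulus m = 2^32 is applied by `>>> 0`.
const A = 1664525;
const C = 1013904223;

// One step of next = (a * current + c) mod m.
function lcgNext(state) {
  return (Math.imul(A, state) + C) >>> 0;
}

// `count` outputs from `seed`. Each output is also the full internal state.
function lcgSequence(seed, count) {
  const out = [];
  let s = seed >>> 0;
  for (let i = 0; i < count; i++) {
    s = lcgNext(s);
    out.push(s);
  }
  return out;
}

// Number of steps before the lowest `bits` bits (1..31) start repeating.
// The low bits of the next state depend only on the low bits of the
// current one, so a repeated masked value means the cycle has closed.
function lowBitsPeriod(seed, bits) {
  const mask = 2 ** bits - 1;
  let s = lcgNext(seed >>> 0);
  const first = s & mask;
  let steps = 0;
  do {
    s = lcgNext(s);
    steps++;
  } while ((s & mask) !== first);
  return steps;
}

// Same seed, same sequence; one observed output is enough to compute the next.
const run1 = lcgSequence(2026, 4);
const run2 = lcgSequence(2026, 4);
console.log("deterministic:", run1.join() === run2.join());
console.log("next predicted from output:", lcgNext(run1[0]) === run1[1]);
for (const bits of [1, 4, 8, 16]) {
  console.log(`low ${bits} bit(s) repeat every`, lowBitsPeriod(2026, bits), "steps");
}
```

The full 32-bit value has a long period, but the lowest k bits repeat every 2^k steps, which is why taking `value % 2` or `value % 16` from such a generator gives a visibly patterned result.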
Entropy Sources
Cryptographic random number generators need entropy — genuine unpredictability sourced from the physical world. Operating systems collect entropy from various hardware events:
Hardware interrupts: The precise timing of keyboard presses, mouse movements, disk I/O completions, and network packet arrivals varies by microseconds in ways that are impossible to predict externally. These timing variations are collected and mixed into an entropy pool.
Hardware RNG: Modern CPUs include dedicated random number generator instructions. Intel's RDRAND and RDSEED instructions use thermal noise in the CPU to generate random bits. ARM processors have similar features. These provide high-throughput hardware randomness that supplements software entropy collection.
Environmental noise: Some systems sample analog-to-digital converter noise, radio frequency interference, or other physical phenomena. Dedicated hardware random number generators used in high-security applications may use quantum effects — photon polarization, radioactive decay timing — as entropy sources.
The operating system's entropy pool (accessible via /dev/urandom on Unix systems or CryptGenRandom on Windows) mixes these sources using cryptographic hash functions. The result is a stream of random bytes that is both high-quality (passes all statistical tests) and unpredictable (computationally infeasible to predict even with partial state knowledge).
Practical Applications
Password and token generation: Always use a CSPRNG. Passwords, API keys, session tokens, password reset tokens, email verification codes, and OAuth secrets must all be generated with cryptographic randomness. The standard approach is to generate N random bytes and encode them as hex or base64.
Games and simulations: A PRNG is fine. Dice rolls, card shuffles, procedural terrain generation, enemy AI decisions, and loot drops do not need cryptographic security. PRNGs are faster and can be seeded for reproducibility — useful for replays, testing, and procedural content that should be the same for all players.
Statistical sampling: A PRNG is usually sufficient. Random sampling from datasets, Monte Carlo simulations, A/B test group assignment, and randomized algorithms work well with quality PRNGs like the Mersenne Twister. The statistical properties (uniform distribution, independence) matter more than unpredictability.
Lottery and gambling: A CSPRNG is legally required in most jurisdictions. Online gambling platforms must use certified random number generators that are regularly audited. The stakes are high — a predictable RNG in a gambling application is both a security vulnerability and a legal liability.
Cryptographic operations: A CSPRNG is mandatory. Key generation, initialization vectors, nonces, salt values, and any parameter that contributes to cryptographic security must use cryptographic randomness. Using a PRNG for these purposes undermines the entire security model.
Generate Random Numbers Online
Our Random Number Generator produces random numbers using the Web Crypto API for cryptographic-quality randomness. Specify a range (minimum and maximum), choose how many numbers to generate, and optionally exclude duplicates. The tool also generates random sequences for passwords, PINs, and lottery-style picks.
All generation happens in your browser using crypto.getRandomValues() — your random numbers are never transmitted or stored. Use it for secure token generation, fair random selection, statistical sampling, or any application requiring reliable randomness.
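One way to build a range-limited draw, a duplicate-free pick and a hex token on top of crypto.getRandomValues(), as an added example that is not the tool's own code; the function names are hypothetical. It goes slightly beyond the text by using rejection sampling, so that reducing a 32-bit value to the requested range does not make some results more likely than others.

```javascript
// Default byte source: the Web Crypto CSPRNG named in the article.
// It is looked up only when called, so a test can inject its own source.
const cryptoFill = (buf) => globalThis.crypto.getRandomValues(buf);

const TWO_32 = 0x100000000;

// Uniform integer in [min, max], inclusive (hypothetical helper name).
function secureRandomInt(min, max, fill = cryptoFill) {
  if (!Number.isSafeInteger(min) || !Number.isSafeInteger(max) || min > max) {
    throw new RangeError("min and max must be integers with min <= max");
  }
  const range = max - min + 1;
  if (range > TWO_32) throw new RangeError("range exceeds 2^32 values");
  // Largest multiple of `range` that fits in 2^32. Draws at or above it
  // are discarded; keeping them would over-represent the low results.
  const limit = TWO_32 - (TWO_32 % range);
  const buf = new Uint32Array(1);
  do {
    fill(buf);
  } while (buf[0] >= limit);
  return min + (buf[0] % range);
}

// `count` distinct integers from [min, max]: the "exclude duplicates" option.
function secureUniqueInts(count, min, max, fill = cryptoFill) {
  if (count > max - min + 1) {
    throw new RangeError("range holds fewer than `count` distinct values");
  }
  const picked = new Set();
  while (picked.size < count) picked.add(secureRandomInt(min, max, fill));
  return [...picked];
}

// N random bytes encoded as hex, the token recipe described earlier.
function secureTokenHex(nBytes = 32, fill = cryptoFill) {
  const bytes = new Uint8Array(nBytes);
  fill(bytes);
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

if (globalThis.crypto) {
  console.log("die roll:", secureRandomInt(1, 6));
  console.log("lottery pick:", secureUniqueInts(6, 1, 49));
  console.log("token:", secureTokenHex(16));
}
```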
