What is a reliable way of generating a truly random number?
web development - I need a true random number generator web service - Software Engineering Stack Exchange
True Random Number Generator
The reverse breakdown (avalanche voltage) of one transistor base emitter junction and Vbe of the second transistor add up to 8V.
Source is 18V, diode drops 8V and the series resistor is 1K so there's 10mA through it. You may see some noise but the amplitude will be small. Try a 100K resistor instead. What you should see is 8VDC with less than 500mVp-p of fuzz riding on it.
More on reddit.comA true random number generator from a web-camera video input
Videos
As far as I know, most random number generators aren't truly random, and with sufficient skill, they can be reversed engineered and thus become (computationally) predictable. This is a problem in cryptography, as random number generation is necessary, but they need to be completely unpredictable (i.e. for generating large primes for keys).
Is there a way to access hardware RNG in C? I heard that modern CPUs have this functionality, but it doesn't seem trivial to access this, so any help would be appreciated.
Maybe this one.
http://qrng.physik.hu-berlin.de/
From the site:
We provide a new quantum random number generator (QRNG) based on the quantum randomness of photon arrival times. It promises provable and long term statistical quality, speed as well as affordability. Our design creates a new quality in the sense that it offers substantially higher bit rates than previous solutions available to the public. This has become possible by exploiting most recent photon timing instrumentation and state-of-the-art data processing in hardware.
In addition to providing high speed (up to 150 Mbits/s over USB), the post-processing algorithm applied to the raw data is based on solid predictions from information theory which guarantee conservation of randomness. This allows for the use of the delivered random numbers in unconditionally secure encryption schemes.
[...]
Access Policies
None of the served data is delivered more than once, neither to a single user nor across > independent users. Using the service is free of charge, but requires registration.
What you are asking for is Holy water, and you are rejecting the suggestion that you use regular water. The only reason for preferring Holy water over water is religious. There are simple, randomly-seeded PRNGs that cannot be distinguished from true physical randomness by any known process. And these systems are non-deterministic.
A real-world computer has several sources of true physical randomness. For example, a modern x86 CPU has a 'TSC' which measures the instruction cycle count (and thus, indirectly, the time to a resolution of a billionth of a second or so).
You can capture the TSC when a network packet arrives. The low bits of the TSC will depend on the precise offset between the crystal oscillator that times the network interface and the crystal oscillator that runs the CPU. This is dependent on microscopic zone temperature variations in the two quartz crystals that are believed to be truly random.
Similarly, you can capture the TSC when data arrives from the hard drive. The low bits are dependent on turbulent airflow shearing between the hard drive surface and the case. This is also believed to be truly random.
Well-known algorithms, such as the one the Linux kernel uses (developed by Theodore Ts'o based on the work of M. Matsumoto and Y. Kurita) use the avalanche effect to convert a few unpredictable bits into a much larger number. The only differences between the outputs of these algorithms (assuming they are properly seeded by TSC data) and the output of true physical randomness is religious -- no known method can distinguish these outputs. There is no test that one will pass and the other will fail.
I have developed random number generators for online casino use that have achieved independent certification. These methods are the ones used in the real world.