Channels ▼
RSS

Web Development

Truly Random Numbers


A new approach to generating truly random numbers could lead to improved Internet security and better weather forecasts, according to researchers writing in the International Journal of Critical Computer-Based Systems.

Random numbers are a critical part of computer and Internet security. They allow websites and browsers to encrypt the data sent between them using a session key. Weather forecasters, climate scientists, economists, and epidemiologists also use random numbers to generate simulated data for their predictive models. Such simulations can test theories of hurricane formation, climate change, and the spread of disease epidemics, for instance.

According to Bernhard Fechner of the University of Hagen, and Andre Osterloh of BTC AG, in Germany, the "quality" of a random number is a measure of how truly random the number is. This quality affects significantly any security or simulation in which it is used. If a so-called random number is not truly random, then someone could predict a security key and crack the Internet encryption on bank accounts, e-commerce sites or secure government websites, for instance. Similarly, if the random numbers used in scientific models of the weather, climate, or the spread of disease and economic boom and bust are predictable, then systematic errors will creep into the models and make the predictions unreliable.

Fechner and Osterloh explain in their paper, "A Meta-level True Random Number Generator," that a good random number in computer binary would usually comprise discrete and uniformly distributed ones and zeroes. In such a sequence there is no way to predict what digit will appear next, the number is thus random. In reality, it is unfeasible to generate a sequence that is totally unpredictable by computational means. Therefore, physical means are used to generate true random numbers.

The German team has now developed a true random number generator that uses an extra layer of randomness by making a computer memory element, a flip-flop, twitch randomly between its two states 1 or 0. Immediately prior to the switch, the flip-flop is in a "metastable state" where its behaviour cannot be predicted. At the end of the metastable state, the contents of the memory are purely random.

The researchers' experiments with an array of flip-flop units show that for small arrays the extra layer makes the random number almost twenty times more "random" than conventional methods. The degree of randomness possible depends on the size of the array and so a bigger array could be even more effective. Essentially, this means that the bigger the array the better the quality of random numbers. As such, it is many times more difficult to predict with any degree of certainty the next number in a sequence compared to current random number generators. This could be used to improve everything from climate change models to stock market predictions.

The team adds that the efforts of a cracker attempting to influence the array will be wholly obvious to a simple statistical analysis as -- depending on the type of attack -- either the whole array or single elements will be disturbed, whereas these are again selected randomly. So this true random number generator can protect systems against third-party snooping, potentially making private and sensitive transactions on the Internet more secure.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 
Dr. Dobb's TV