• Fades@lemmy.world
    link
    fedilink
    arrow-up
    10
    arrow-down
    5
    ·
    edit-2
    1 year ago

    It’s not just about not wanting random, but randomness is actually very hard to create. Every random number is actual pseudo random

    Some basic breakdowns of this concept:

    https://slate.com/technology/2022/06/bridle-ways-of-being-excerpt-computer-randomness.html

    The problem modern computers have with randomness is that it doesn’t make mathematical sense. You can’t program a computer to produce true randomness—wherein no element has any consistent, rule-based relationship to any other element—because then it wouldn’t be random. There would always be some underlying structure to the randomness, some mathematics of its generation, which would allow you to reverse-engineer and re-create it. Ergo: not random.

    Kid friendly version:

    https://stackoverflow.com/a/633085

    • Turun@feddit.de
      link
      fedilink
      arrow-up
      9
      ·
      edit-2
      1 year ago

      Every random number is actual pseudo random

      No, there are true random sources in a computer. Any outside input can be used to generate randomness. Mostly user input, but temperature fluctuations can work as well, if the sensor precision is high enough.

      Also the argument is only correct on a technical level for PRNGs. Choose a 65535 sided dice and make the instructions a thousand steps long and you’ll have a pretty hard time to deduce the instructions from the generated numbers. Not to mention how long the list of numbers needs to be for the attacker to start guessing.

      • Honytawk@lemmy.zip
        link
        fedilink
        arrow-up
        6
        arrow-down
        5
        ·
        1 year ago

        It is all based upon calculations with known numbers.

        A computer can’t create a number out of nothing.

        That is why Cloudflare uses lava lamps to generate random numbers for their cryptography. And even those aren’t fully random.

        • vrighter@discuss.tchncs.de
          link
          fedilink
          arrow-up
          7
          ·
          1 year ago

          Modern cpus actually do have trng hardware built in. So yes, modern computers can create numbers out of nothing, because they have specialized hardware to do so

        • FooBarrington@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          No, CloudFlare doesn’t use lava lamps to generate random numbers, that was a marketing stunt. Using a camera in a completely dark room is a better source of entropy than one pointed at lava lamps.

          Also, nobody is saying that computers create a number out of nothing. The environment is a great source of entropy (temperature fluctuations, user inputs and so on) which are then expanded into a larger amount of entropy through CSPRNGs.

          • Karyoplasma@discuss.tchncs.de
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Using a camera in a completely dark room is a better source of entropy than one pointed at lava lamps.

            Why is that? Naturally occurring or manufacturing-related impurities in the optical chip?

            • FooBarrington@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              All digital cameras are imperfect - there is always a bit of noise, but usually it doesn’t come through since your scene is bright enough to make small amounts of noise imperceptible. In a completely dark room the camera still tries to get data from the photo sensor, but the noise (created by temperature fluctuations, imperfections in the chip itself and so on) is all you get. You may theoretically be able to predict the noise on short time scales, but it’s a chaotic system.

    • Ultraviolet@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      This is an irrelevant distinction for any case where you aren’t worried about someone reverse engineering the algorithm and seed by logging output. Any half decent PRNG’s output will be statistically indistinguishable from true randomness.