Many applications utilize random numbers or sequences of random numbers. For example, ciphering algorithms utilize random number sequences as part of the enciphering process. However, the methods utilized to generate random numbers vary in the quality of their randomness. The quality of randomness is measured statistically to determine whether produced numbers are generated in correct proportions. True randomness also requires that the generated numbers are not predictable. Computer algorithms are not able to easily generate numbers that approximate true randomness and instead computer algorithms generate pseudo-random numbers. Pseudo-random number generators attempt to approximate the generation of true random numbers.
Generally, fast and simple pseudo-random number generation algorithms can be identified by a statistical analysis of their output (i.e., the statistical analysis reveals the specific algorithm that generated a set of pseudo-random numbers), which can jeopardize the function of the application that relies on the generator. For example, a ciphered number can be decrypted if the pseudo-random number sequence on which it is based can be determined. Stronger random number generators tend to be slower or more resource intensive making them impractical for many applications.
As a result, many applications that rely on pseudo-random numbers or sequences must incorporate a design decision that accepts the poorer random qualities of faster algorithms or that accepts higher resource requirements and slower speeds to obtain better random qualities. For example, enciphering algorithms like RC4, which is relied upon in enciphed communication protocols such as secured socket layer (SSL) have weaknesses due to their random number generation (e.g., RC4 has key scheduling weaknesses that are discernable for thousands of bytes after a rekeying operation), but the enciphering algorithms must be fast or they hinder the performance of the communications they encipher.