Many computerized applications such as encryption algorithms, scientific models, and analytical tools require random numbers. The most common approach for generating random numbers involves using a software algorithm. To generate random numbers, the algorithm uses a starting value, referred to as a seed. The seed is then manipulated using complex processing algorithms to yield a result. While software algorithms provide a readily available and inexpensive means for generating random numbers, software algorithms have shortcomings.
The most severe shortcoming arises from the use of a seed value which is not a truly random number. The use of a non-random seed injects a starting bias into the algorithm. The complex processing used to manipulate the seed also imparts a bias, and the result is a number that is not truly random. For example, if two random number generating software algorithms are run against each other using different seeds, the output of the algorithms will tend to converge on the same final result over time. The convergence towards a common value for both algorithms is known as a biased, or non-random, result. The name given to the biased output of a random number generating software algorithm is “pseudo random number”, hence these algorithms are more properly referred to as pseudo random number generators (PRNGs). An additional shortcoming of PRNGs is that they require computational resources and memory. Memory is required to store the complex processing algorithms, seed, interim results, and the resulting pseudo random number (PRN). Computational resources, in the form of microprocessor operations, are required to manipulate the seed in order to arrive at a PRN.
Since a pseudo random number has a bias, predicting its value, and the value of any quantity derived from it, is much easier than predicting the value of a truly random number. When pseudo random numbers are used to create encryption keys for computerized communications, the resulting key is easier to crack. If an intruder cracks an encryption key, the intruder has access to all of the previously encrypted data. When pseudo random numbers are used to validate scientific experiments, their bias can lead to errors.
Because of the shortcomings associated with PRNGs, it is preferable to use truly random numbers for applications requiring random numbers. A truly random number is one in which the present value is not dependent upon, nor related to, the value of any other number in the sequence; that is, the present value of the number is determined only by unbiased chance. If the value of the number is unbiased, then the likelihood that a particular number will appear will not change over time; in other words, it will always be unpredictable. For example, if a truly random process can have an output value of zero or one, then the probability of the number being a one at any given instant in time should be equal to 0.5. In addition, the present output value should be uncorrelated, i.e. it should not be dependent upon, nor related to, a previous value of the output.
Truly random numbers are difficult and costly to obtain. The difficulty arises because random numbers are normally obtained by sampling truly random processes. Truly random processes come from a limited number of physical activities, or phenomena. Examples of commonly used random processes are radioactive decay, electronic (Johnson) noise, or unstable oscillators. Since random physical processes are analog, they must be sampled to convert them into a digital form useable by computer applications. Care must be exercised when sampling random processes so that sampling biases are not introduced into the digitized data. If sampling biases are introduced into the sampled data, the truly random nature of the sampled process will be destroyed.
The costs and complexity associated with maintaining and properly sampling random physical processes, such as the decay of radioactive elements, prevent many would-be users of random numbers from having access to them. As a result, pseudo random numbers are used, resulting in computerized encryption algorithms that are easier to crack and scientific experiments that are more difficult to validate.
There is presently a need for a low cost and reliable source of truly random data capable of use in computer applications. The source of random data should be such that each user does not have to incur the expense of maintaining and properly sampling a truly random process. In addition, the source of truly random data should allow collaborating users to access the same truly random number as a starting point for their applications. In addition, the source of random data should be configurable so that random numbers can be securely distributed to authorized users without eavesdroppers gaining access to the data. Furthermore, the source for truly random data should be capable of accounting for random data sent to a particular user to facilitate record keeping.