Just a small semantic correction: It is incorrect to say that cryptography doesn't use pseudorandom generators, it absolutely does. No computable generator can be, by definition, absolutely random. They can be, however, observably random. That does not mean that the generator is not pseudorandom, it means that there is no known function that can discriminate that generator from a truly random one (always speaking in terms of polynomial time). If this were not the case, symmetric key generation would be either an uncomputable problem, or an insecurely solvable one.
Hardware random number generators are a thing, and not uncommonly used in cryptography. Incomputable generators of random noise are fairly easy to make/use - just observe them.
He does conclude by saying "but you can use *cryptographically secure pseudo-random number generators*" at the end... Right after the bit where he said what you take issue with. Immediately after. So he's aware that they can be and do get used.
Interesting! I'm a graduate student in mathematics and I really like automated (and assisted) provers. But I don't really know about the application they have in industry. What is your line of work?
@@Pietro-qz5tm i don't have much experience with the automated proving part of things. I mostly use SAT solvers to efficiently (in practice) find solutions for NP-hard problems. You can think of it as a practical oracle
@@Pietro-qz5tm Well I've used it for computing certain width measures for graphs (popular in the area of Parameterized Complexity, like treewidth, treedepth etc) and for computing the structure of Bayesian Networks. If you're still curious, you could check out the papers at ac(dot)tuwien(dot)ac(dot)at(slash)vaidyanathan
@@aditya95sriram I have some experience with SAT solvers, and even wrote (a somewhat poor performing and non-proof producing) one. I believe there's a lot of ways in which incremental solvers could get better, I wrote a bunch of wrappers that iteratively call a SAT solver to simplify input formulas, or more specifically, to find all fixed units in the input formulas, and all fixed implications. This is *extremely* useful for some purposes, but is basically impossible without wrapping an IPASIR-like incremental solver and basically excluding similar solutions until UNSAT. I have used these solvers to find patterns in cellular automata that perform various things, like finding novel spaceships in new rules, finding patterns that implement (simple) logic circuits (going more complex would require a QBF solver and some forall constraints, but existing QBF solvers kinda suck). I've implemented various logic games (light-up, minesweeper, sudoku) in SAT-solver formulas, which allows for things like finding the simplest instance that is not solvable by some set of inference rules (which is useful if you can somehow assert the solution is unique), which you can do iteratively to do some fun stuff.
Great animation! Very entertaining to watch. Randomness is real, not artificial, and is the combination of two or more similar values into a confined space. “A and B are equal in size, but are forced equally to fit spot C, which is only big enough for one of them.” The value C at the conclusion is random, and not dependent on systemic error. An example is to count down to zero, but twice. The exact moment is indeterminate, because time keeps going, and no parts were favored. To compare why this is random, place two objects in-line on a track, and see who will come out ahead after many laps. The result is not inline, because each part is trying to win! The return of a function from time-dependency is called “seizing”, and can be implemented as an “LC-circuit”, or inductor-capacitor reforming array. Push energy into a capacitor, and see it try to escape at the earliest exact moment. When both arrays operate at the same time they’ll literally force on time to “let them pass”. The exact winner is therefore indeterminate, and this circuit produces a single bit of truly random information. Twenty bits will obliterate any form of computation developed by a mortal- you can crash the entire suite of any portal software: Windows, MacOS, Linus, Unix, etc. just by arranging those twenty bits somewhere on board. The operating system will find that electricity is too interested in a computation unrelated to the cpu-instructions and “hang”, or freeze, without any computation until a memory refresh takes place! See “particle assembly, physics” for more information about random numbers and why flow of information yields the need for a “break” every now and then! Long post, hope you enjoyed it! See Me for that information. I’ll find a way to help. Take care!
Electronics always produce noise. In most cases this effect is undesirable and computers are designed to reduce its impact on their operation. But it is possible to go the other way and amplify the noise to make a true random generator inside the computer. And this is exactly what is done in the latest CPUs.
Yup, but it is too slow when you need a lot of random numbers, so you seed with that and then depend on a good algorithm for the rest. Mersenne Twister should really be the bare minimum RNG algorithm but apparently things like this have been kept around for legacy code reasons (in the case of C++, I don't follow what goes on with Python). PCG32 is a good RNG library.
We've been told that computer generated random numbers are not actually random, back in 2nd or 3rd grade in computer class. That is a really cool knowledge to have. And actually mega OP compared to all the other computer class knowledge we got, especially that early. Always wanted to find out actually how this algorithm works. Quite cool. Good vid actually.
Sure, but since the next number is easy to predict from the current number, leaking some of the numbers even after use can let an attacker get ahead by knowing the upcoming numbers. The problem isn't just that it is deterministic, but that the determinism is easily figured out.
I have a simple idea from analog synthesizers. Build an analog noise generator, add an ADC, and when an application needs a random value you simply have to sample the momentary voltage at the output of the noise generator.
I thought this is someone with hundreds of thousands of subs but then I checked and he only has 900 subs. That’s crazy he definitely puts a lot of effort in his videos and they are fantastic. He deserves more subs.
Several observations. First, not all computers represent floating point as defined by IEEE 754. Yes, most that you are ever likely to encounter do but there are exceptions. Secondly, this video is based on the supposition that each random number generated is dependent upon the previous numbers. If that is not the case then the predictor does not work. To show this, change the generator to use a new seed each time. The seed can be the system time, the time between inputs to the program, or any other value obtained in a manner that is not deterministic.
Changing the seed does not solve the problems of predictability. It moves the problem: instead of generating random numbers you now have to generate random seeds for the number generator... those seeds are again random numbers. So if you have to change seed every time you need a random number then just use the new seed as the new random number
@@Pietro-qz5tm You are correct. Just use what I was calling the seed. That solves the predictability problem. The whole point of the video appears to be that for any given seed, the same finite repeating sequence of pseudo-random numbers will be generated. The nth number of the sequence can then be predicted from a large enough sample of consecutively generated predecessors. Mathematically, there exists a pair of functions f and g with fn being the result of each execution of f such that g(f1, f2, f3, ..., fn) = fn+1. Just consider the expressions following f to be subscripts. Does that pretty much sum it up? I think that the point that you were trying to make is that pseudo-random numbers are not truly random but you got too tangled up in the prediction function and never really said that. My point is that there are methods available to produce truly random numbers from the computer's environment.
@@WatchesTrainsAndRockets now it makes more sense. Let me just add two things, for clarity. An abstract computer (as a Turing machine, interpreter of lambda calculus, or whatever) does not have ways to generate nondeterministic random bits. But real ones can, as you said, collect random bits from the environment (just, please, don't use the time as a source of randomness, it is not a good one). Sometimes even real machines have problems. Just after boot for example, when environment entropy is low, or when a big quantity of random bits is required (that's why /dev/random is usually blocking in Linux). In theory given a deterministic prng a predictor exists, in practice such predictor may be very difficult to compute. That is the whole point of cryptographically secure prng: there are no known fast predictors. This was mentioned in the video and is, imho, a quite important distinction. z3 will never break a secure prng, it is a SAT solver but SAT problems are usually intractable.
You can try to build a "true" random number generator using a Geiger counter and something radioactive like a banana. Also some TPMs have a quantum random number generator built in
No need for radioactive sources. Just use electrical noise. It's a lot more abundant in electronics and comes with quantifiable entropy. That's how we do it in computers.
@@davidjohnston4240 yea but if you know exactly how every source of electrical noise works you could predict the output. But, radioactivity is truly random. We currently know of no way to predict when a radioactive element will decay. But, there’s no need to use a banana, you can just use yourself! You’re (slightly) radioactive!
@@loganiushere the generator in many modern TPM is electrical, and is considered quantum random. If you use a too small transistor electrons will randomly tunnel between on the gate, you can measure it and use it as a true entropy source, the biggest problem with electrical sources is temperature dependence, unlike radioactive isotopes, the temperature will affect the distribution of electrons creating a bias and in result decreasing entropy.
Someone can predict the general movement of a lava lamp and how it reacts to changes in the variables around it (angle, temperature, etc…) but there is absolutely no way to accurately predict the exact placement of everything at a certain moment in time
@@nicholascurran1734 It's impossible bc exact positions on 2 lamps can make different numbers, and there's more than 1 bubble, sooo... Edit: it's possible only through matching exact patterns, and it would take decades
I remember that the last time when I needed random numbers for a school project, my code ended up carrying a full implementation of D. J. Bernstein's ChaCha20 stream cipher so I can use its keystream as a high-quality pseudorandom number generator.
2:30 Laplace's demon talks about this topic, and it turns out that it is mathematically impossible to predict the outcome, no matter how much reference data you have. Pretty interesting.
Dude! I was interested in this vid, mainly because I noticed that generating events due to math like making a random number 0 - 100 and an event is (if > 50)... gave me one a lot then the other a lot! Great vid!
You can make your own PRNG, something simple, that peoples may not break so easy as classic random module that everyone knows. But it all depends for what purpose you need random number. For example, PRNG in games will be different from gamble machines, or in security application. There are lots of problems creating PRNG. Do you need efficient or performance PRNG, do you need FPU or not, what if there is no FPU on some PC, or what if you wanna avoid division because its not efficient, what ranges of numbers do you need, do you need negative numbers, for how long you need it to generate without going into shift or repeat, do you need all generated numbers to pop up equally distributed, eg. you are generating number between 0 and 1, 1m times, in the end do you need 500k 0 and 500k 1 numbers happening equally across all generated numbers or you are fine with 80% happened to be 1 and 20% of numbers generated are 0, or you need 50%:50%, with numbers 1, 2, 3 and 4, maybe you need 25%:25%:25%:25% equally, or 60%:4%:25%:11%: equally across all generated numbers. For example in game, 20% critical chance sounds fine, by math it may happen every 20th hit, because of math, and math does not give or think, but humans will see 20% as 1 guarantee in 5 tries, right(?), same with dice rolls, 6 sides, 1:6 chance that you will get what you need, and yet after 20th retry you cannot get number 6, because dice doesnt give a thing about previous results, and to people it looks like black magic, or something shady, not fair, and such, thats why Blizzard implemented in Warcraft 3 back in 2000 PRG Distribution, and its still used today in games like DotA2 and LoL, so 20% 1st try, if fail, then it starts adding up, 2nd try 20%, if fail, 3rd try 40%, if fail, 4th try 60%, if fail, 5th try 80%, if fail, 6th try, 100% guarantee, each time when critical happened, distribution are restarted. But such logic does not provide money for the casino owner, so it all depends what you really need. 
True random can be generated with PC taking current heat of components, or speed up and shifting HDD and combining them to get greater possibilities, even its limited and narrow, its hard to predict because its changing all the time, and again its not suitable for 20% in a game, because it does not go by the human logic, and we hate it, but its fine for other things. As i understand you, with 100% with even >50% event you are most likely need something like PRNG with Distribution. Easy way to get equal 50%:50% results (as you are looking for) or 50% chance are with 0 and 1, equally distributed, using modulus, even or odd number, even goes one way (eg. giving high chance to become odd), odd number goes another way (eg. giving high chance to become even), you can avoid decimal calculations if you want, its one line of branchless code, once you get equal result, you can go for 0-100 range, because theres 50 odd and 50 even numbers, if >50 will be equally hit as
Solved a CTF challenge 'bout a year ago with this. Some implementations have a stack of values generated that is re-filled sometimes, that complicates it a bit.
I don't know much about programming but I have an idea to generate Random number by Using Current time: Hours, minutes and seconds along with date. Use different Arithmetic operations on Factors (second, minute, etc) for different cases of time so that neither me nor anyone can guess the solution
9:31, not the way I learned to do random numbers, I keep the output value separate from the seed, sure I still use the shift & xor method but I just fill a separate variable with 1 extracted bit in a loop, something like: bool lshr( int *seed ) { ... } int random( int *seed ) { int val = 0; size_t i; for ( i = 0; i < bitsof(int); ++i ) val |= lshr(seed)
@@patfre The intent is to increment before the value is used, therefore I will NOT change it, only an insane person tries to use a value before they increment it to the one they actually want
I'm not sure what lshr does, but using the seed as a starting point for state and overwriting it is how the algorithm used works (and also a pretty standard thing as far as PRNGs go, as far as I know). Keeping the seed could be seen as keeping some fixed state during the run (but not necessarily between the runs), but in a sense having the seed be a initial condition does that too.
@@user-sl6gn1ss8p For the LSHR: ruclips.net/video/Ks1pw1X22y4/видео.html I think a way of making the random number more secure would be to use multiple seeds and perhaps select them using the result of a seed, for example if you're encrypting a file you could copy some bytes into your seed to replace it, use it for both whatever you were gonna do, get the next random number and modulo with the bytes done to select another set of bytes to overwrite the seed with, as long as you implement some means of decryption then it would make it just that bit harder to decrypt the file without the initial seed, which could be a password/passphrase, for speed each character the pw/pp could just multiply a float that starts at 1.0 before the float is then used as a seed (I'm too lazy to take a deep look at the code that was presented in the vid so forgive my ignorance if it happens to be the same as what I just said)
@@zxuiji yeeah... no, don't roll your own crypto. Just don't do it, really. If you need a cryptographically secure prng go get a reputable and widely used cryptographically secure prng. There's a lot of them, they're field tested and widely audited. Does it mean they'll never have bugs? Hell no, they will have them, but they'll be far more likely to be found, reported and fixed than on your obscure NIH-driven implementation
You can have true randomness that is not based on our ignorance of starting conditions. Use quantum processes like radioactive decay or tunneling in your RNG.
If I remember correctly, it’s basically, the number isn’t random, it’s generated by like time, mouse position etc. (Not specifically those things, they’re just examples)
Hi i really like your video style. Can you create one video on how you create videos? What is your production process overall? I think lots of people would be interested in that.
Just record noise from mic input audio card. If you set all levels to max you'll be able to record noise from semiconductor used in first stage of amplification.
I've spent more time getting as much entropy in the RNG portion of my muon controlled number generator than all else combined including soldering up 6x 20 segment VFDs... Nice video my guy!
One thing, there is something I‘d call true random in our physical world. And that are quantum effects. If you are able to measure exactly when an atom is decaying and watch exactly one atom, you cannot predict exactly when it is decaying, only calculate when it’s probably already decayed.
Cannot predict YET*. Even if hidden local variables are somewhat debunked in our current models, global hidden variables might still be possible especially considering that reductionism seems to have reached a limit/failed in describing objective reality. Also, I just don’t believe in true randomness :p
@@Wylie288 With our current knowledge the most likely situation for quantum processes is that they are random. It doesn’t make sense to fight about it if we don’t have clues that these processes are determined by hidden variables.
I can control a coin flip, always the upper side will be down, if you drop correctly. There are many factors I control, but if you learn it, you can possibly make money :)
Well I learned a lot from this video because of the randomness and many new English words I didn't know before, thanks for you and for google translator too
Small correction - You say initially that PRNG's generate the next number from the previous number - however, as you show with the V8 generator, they'll usually use some hidden internal state instead. If PRNG's *did* use the previous number as their only input, that would be extremely bad. No matter how random the seed was, you could take any result from the PRNG and immediately know all future results.
This is correct. Most CSPRNGs are structured with an update and output function. The update function changes the internal state. The output derives an output from the internal state. The SP800-90A HMAC DRBG is an exception - the update function gets mixed with the output function so it varies based on how much data is asked for from the output function. This is just wrong and bad and a reason not to use the SP800-90A HMAC DRBG. Use the CTR DRBG instead. Don't touch the Hash DRBG - it's bad in many other ways.
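The point made in the two comments above, as an added example (not code from the video or from either commenter): a generator whose output is its whole state can be replayed from a single observed value, while one with a separate output function can emit the same value from different hidden states. The LCG constants are the widely published Numerical Recipes parameters and all function names are assumptions of this sketch.

```javascript
// Added illustration. Toy 32-bit LCG: x -> (A*x + C) mod 2^32.
const LCG_A = 1664525;
const LCG_C = 1013904223;
const lcgStep = (x) => (Math.imul(LCG_A, x) + LCG_C) >>> 0;

// Design 1: the returned number IS the internal state.
function makeExposedGenerator(seed) {
  let s = seed >>> 0;
  return () => (s = lcgStep(s));
}

// Design 2: separate output and update functions.
// Output reveals only the top 8 bits, then the hidden state is updated.
function makeHiddenStateGenerator(state) {
  let s = state >>> 0;
  return () => {
    const out = s >>> 24; // output function
    s = lcgStep(s);       // update function
    return out;
  };
}

// With design 1, anyone holding one output can recompute the next n outputs
// without ever knowing the seed.
function exposedDesignIsReplayable(seed, n = 5) {
  const gen = makeExposedGenerator(seed);
  const observed = gen();
  const actual = Array.from({ length: n }, () => gen());
  let s = observed;
  const replay = Array.from({ length: n }, () => (s = lcgStep(s)));
  return actual.every((v, i) => v === replay[i]);
}

// With design 2, two different hidden states can emit the same first value
// and then disagree, so a single output does not pin down the future.
function sameOutputThenDiverge(stateA, stateB) {
  const a = makeHiddenStateGenerator(stateA);
  const b = makeHiddenStateGenerator(stateB);
  const firstEqual = a() === b();
  const laterDiffer = a() !== b();
  return { firstEqual, laterDiffer };
}

// Constructed inputs: both states share the top byte 0x12.
console.log(exposedDesignIsReplayable(42));                    // true
console.log(sameOutputThenDiverge(0x12000000, 0x12000010));

// Hiding state this way is necessary, not sufficient: a truncated LCG is
// still not cryptographically secure. A CSPRNG uses an output function that
// is believed to be one-way, so many outputs still do not reveal the state.
```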
Python 3.6 released the "secrets" module which uses a non-deterministic RNG and is secure. Just put "import secrets" at the beginning of your python code and you're good to go.
This right here is an example of wisdom over intelligence. I'm pretty sure most every new programmer has set out to prove this wrong, just to come to the realization there is no such thing as random in anything.
@@youtubehandlesux Me, who also started with assembly: lol know rdseeded is just a new seed. git --guder Ever wonder why you have a seed? .. really think.
Hey this was amazing, needed a little help how did you generate first few sequences at the start of the video . I need to solve a problem that requires 5 correct random numbers in sequence.
Interesting to see that V8 is using XorShift128 for the Math.random implementation. XorShift is actually a pretty good algorithm, even tho I'm not sure why they use the XorShift128 variant. A while back I implemented the xoshiro256** variant in C++ because the PRNG algorithms provided by the stdlib were either too slow, or too bad. The C stdlib random implementation is especially bad since it is not only slow, but also has bad randomness. xoshiro256** on the other hand was extremely fast while also providing very good randomness
Yeah, I once implemented them using SIMD/AVX and whatnot, for the creation of large batches of values, and it was pretty nice. I really like the XorShift/xoshiro family, they're simple, fast, have options to cover different use cases AND work well : )
This. The idea of "real" random doesn't exist. Even at the quantum level like people think. That idea just comes from a misunderstanding when you convert quantum mechanics into layman's terms.
Should I do a tutorial on time travelling? It’s ez bruh, 88 mph.
I JUST FINISHED THE EXERCISE!!!! NO WAY
yes
42
So, what you could do is build it into the computer itself just using analog instead. It is not precise until it is converted to digital, but the idea here is, it will always vary. Take for example, the battery status. It is never ever the same in analog. So, add that signal to other signals in analog and you have something that will always vary slightly when converted to digital.
I wonder how you can make perfectly safe random number generators in digital, since everything in software has been filtered to make it digital?
Can you get to the analog signal of the battery in software?
yeah its easy I do it all the time, some people can even do it faster than others. never heard of any kind of time travel that could predict the future tho.
never thought id have to make trust issues with random number generators
Well they're not random which is the reason why you shouldn't trust them
@@piolix0004 my whole life was a lie smh
@@bertansadiki6794 You couldn't tell wouldn't be random??
@@N____er jk bro i kinda knew its impossible for a computer to generate a truly random number
If you want to use crypto where the number has to be not known by someone else you could use the crypto api
Small correction:
“There’s no way for a traditional computer to generate a true random number because the entire system is deterministic.”
This actually isn’t true. Various systems within the computer chip generate entropy as they operate due to inefficiencies and heat generation and such. Computers can actually measure entropy generating hardware as a way of obtaining a true random number. These really are true random numbers since entropy is the randomness of the universe and is inherently unpredictable.
All computers running on modern x86 architecture (64 bit intel chips or any AMD chip since 2015) can run the instruction RDSEED, which probes entropy generating hardware to generate a true random number. The instruction is computationally expensive and takes many clock cycles to perform, so it’s recommended to be used as the seed of a pseudo random number generator rather than as a random number generator itself, hence the name RDSEED.
Correct
It may seem random to YOU, but is it really random?
Ok so just tell me the conclusion... should I believe in computer gen random numbers???
Yep, I did some research a while ago on the topic and It's right.
Going to add a correction to your correction, a computer can gain a finite amount of entropy from systems that are non-deterministic, like interrupt timings. The operating system stores a "pool" of entropy gained from these values, and then taps into that pool when RDSEED is called. It's an expensive instruction because it's reliant on software. If that pool has been exhausted or does not exist, the quality of these numbers drops from truly random, back to pseudo-random. Some organizations, like Cloudflare, need huge amounts of truly random numbers to generate millions of secure keys each day. To do this they use a physical system outside of the computer, in Cloudflare's case, it's a webcam pointed at a wall of lava lamps.
What's really cool are the tool assisted speed runners who reverse engineer the games rng functions to pull off frame perfect runs.
No reply?
which game is that? any link to the video?
you mean go back in time 88mph to choose the perfect multiverse?
godzilla had a stroke trying to read this
That's just impossible
This is probably one of the best approaches to explaining an advanced concept in very simple terms and entertaining style. Thank you! Definitely following for more!
oh yeah totally, the best way to learn to program and solve problems is to take someone's solution, recreate it, break it to bits, and recreate it again in your own fashion lol
I had known about this that "It is impossible to create pure random numbers in computer science" but seeing it in practice was really cool. Your explanations are awesome. Keep it up.
But it's an incorrect statement.
@@davidjohnston4240 how?
Computers are made of electronics. All electronics have electrical noise which derives from quantum physics. That noise can be used to make nondeterministic random numbers. The entropy extraction algorithms can squish those random numbers into higher quality random numbers that are arbitrarily close to full uniform.
import random

value1 = random.randrange(1, 100000)
d = random.randrange(0, 6)  # picks which operation to apply
value2 = random.randrange(1, 100000)
# result is kept in its own variable so the random module is not overwritten
if d == 0:
    result = value1 + value2
if d == 1:
    result = value1 - value2
if d == 2:
    result = value2 - value1
if d == 3:
    result = value1 * value2
if d == 4:
    result = value1 / value2
if d == 5:
    result = value2 / value1
print(result)  # now it's randomish than just 1 random LOL
I would like to note that flipping a coin is not a chaotic system. A chaotic system is a system with high sensitivity to initial conditions, not that there are many initial conditions. A real example of a chaotic system is a double pendulum.
Yeah.. or 3 body problem..
That's why we need a pseudorandom library that uses a variety of sources for seeding, other than the system clock. Stuff like current temperatures, microphone input (which is especially random in case of the cheap mics many people have that provide a lot of noise), mouse position at the time of setting up the seed, and any other sources of randomness you can think of. Also reseeding the generator every hour or so.
Perhaps in the case of a game, player input, enemy velocity, collectibles, etc.
@@legendgames128 No, it's too easy to manipulate, just look at RNG manipulation in classic NES and GB titles (which didn't have a clock, unless one was provided on the cart and had to do seeding in the way you describe).
Things like noises on the microphone or component temperatures are much harder to control. Basically, any analog input source is a good source of randomness.
@@UltimatePerfection I was suggesting additional things as well as what you provided, but yes, the manipulation that could come of player input is very much not random. I guess if the player has any say in the RNG, then the RNG could be manipulated to do whatever the player desires (so long as the RNG directly affects it) so scratch that idea.
You can use hardware seeds, if you're looking for a good RNG library you should check out PCG32. The author has a great talk explaining why it's better than other approaches as well.
If the risk were just in dependencies using Math.random, you could easily inject a mock/stub instead. The mock can throw an error if used, but it doesn't mean that it's used for the critical part. Also you can create a stub always returning 0 to see if the encryption libraries become predictable.
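A Python counterpart of the stubbing test described in the comment above (which talks about JavaScript's Math.random), added here as an example and not code from the thread or the video. The two token functions are constructed code under test, and all helper names are hypothetical.

```python
import random
import secrets
import string
from contextlib import ExitStack, contextmanager
from unittest import mock

ALPHABET = string.ascii_letters + string.digits


class InsecureRandomUsed(AssertionError):
    """Raised by the throwing stub when code under test calls random.*"""


def _raiser(name):
    def stub(*args, **kwargs):
        raise InsecureRandomUsed(f"random.{name}() was called")
    return stub


# Stub sets keyed by the module-level name they replace.
THROWING = {n: _raiser(n) for n in
            ("random", "randint", "randrange", "choice", "getrandbits", "uniform")}
CONSTANT = {
    "random": lambda: 0.0,
    "uniform": lambda a, b: a,
    "randint": lambda a, b: a,
    "randrange": lambda start, stop=None, step=1: 0 if stop is None else start,
    "choice": lambda seq: seq[0],
    "getrandbits": lambda k: 0,
}


@contextmanager
def stubbed_random(stubs):
    """Temporarily swap random.<name> for each stub, restoring on exit.

    Limitation: a module that ran `from random import choice` earlier holds
    its own reference to the real function and is not intercepted.
    """
    with ExitStack() as stack:
        for name, stub in stubs.items():
            stack.enter_context(mock.patch.object(random, name, stub))
        yield


def uses_insecure_random(func):
    """True if func reaches the random module (throwing-stub variant)."""
    with stubbed_random(THROWING):
        try:
            func()
        except InsecureRandomUsed:
            return True
    return False


def predictable_when_stubbed(func):
    """True if func's output collapses to a constant under the zero stub."""
    with stubbed_random(CONSTANT):
        return func() == func()


# Constructed code under test: same job, different randomness source.
def weak_reset_token():
    return "".join(random.choice(ALPHABET) for _ in range(16))


def strong_reset_token():
    return "".join(secrets.choice(ALPHABET) for _ in range(16))


if __name__ == "__main__":
    for fn in (weak_reset_token, strong_reset_token):
        print(fn.__name__,
              "uses random:", uses_insecure_random(fn),
              "| constant under stub:", predictable_when_stubbed(fn))
```

A hit from the throwing stub only shows that the generator is reached somewhere in the call, so each hit still needs a look at whether the value ends up in a key, token or nonce.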
Just a small semantic correction: It is incorrect to say that cryptography doesn't use pseudorandom generators, it absolutely does. No computable generator can be, by definition, absolutely random. They can be, however, observably random. That does not mean that the generator is not pseudorandom, it means that there is no known function that can discriminate that generator from a truly random one (always speaking in terms of polynomial time). If this were not the case, symmetric key generation would be either an uncomputable problem, or an insecurely solvable one.
Hardware random number generators are a thing, and not uncommonly used in cryptography. Incomputable generators of random noise are fairly easy to make/use - just observe them.
It seems like quantum computing could change that.
He does conclude by saying "but you can use *cryptographically secure pseudo-random number generators*" at the end... Right after the bit where he said what you take issue with. Immediately after. So he's aware that they can be and do get used.
As author mentioned, nothing can be technically random :)
@@ultimatedude5686 That depends on whether quantum mechanics is fundamentally random or not, which is an open question.
Woah! Would've never expected to see Z3 make an appearance here, it is indeed really cool! (I work with SAT/SMT solvers on a daily basis)
Interesting!
I'm a graduate student in mathematics and I really like automated (and assisted) provers. But I don't really know about the application they have in industry.
What is your line of work?
@@Pietro-qz5tm I don't have much experience with the automated proving part of things. I mostly use SAT solvers to efficiently (in practice) find solutions for NP-hard problems. You can think of it as a practical oracle
@@aditya95sriram yea that is what they are made for :D
I just wanted to know what are the problems you use them for
@@Pietro-qz5tm Well I've used it for computing certain width measures for graphs (popular in the area of Parameterized Complexity, like treewidth, treedepth etc) and for computing the structure of Bayesian Networks. If you're still curious, you could check out the papers at ac(dot)tuwien(dot)ac(dot)at(slash)vaidyanathan
@@aditya95sriram I have some experience with SAT solvers, and even wrote (a somewhat poor performing and non-proof producing) one.
I believe there's a lot of ways in which incremental solvers could get better, I wrote a bunch of wrappers that iteratively call a SAT solver to simplify input formulas, or more specifically, to find all fixed units in the input formulas, and all fixed implications. This is *extremely* useful for some purposes, but is basically impossible without wrapping an IPASIR-like incremental solver and basically excluding similar solutions until UNSAT.
I have used these solvers to find patterns in cellular automata that perform various things, like finding novel spaceships in new rules, finding patterns that implement (simple) logic circuits (going more complex would require a QBF solver and some forall constraints, but existing QBF solvers kinda suck).
I've implemented various logic games (light-up, minesweeper, sudoku) in SAT-solver formulas, which allows for things like finding the simplest instance that is not solvable by some set of inference rules (which is useful if you can somehow assert the solution is unique), which you can do iteratively to do some fun stuff.
Great animation! Very entertaining to watch. Randomness is real, not artificial, and is the combination of two or more similar values into a confined space. “A and B are equal in size, but are forced equally to fit spot C, which is only big enough for one of them.” The value C at the conclusion is random, and not dependent on systemic error.
An example is to count down to zero, but twice. The exact moment is indeterminate, because time keeps going, and no parts were favored. To compare why this is random, place two objects in-line on a track, and see who will come out ahead after many laps. The result is not inline, because each part is trying to win! The return of a function from time-dependency is called “seizing”, and can be implemented as an “LC-circuit”, or inductor-capacitor reforming array. Push energy into a capacitor, and see it try to escape at the earliest exact moment. When both arrays operate at the same time they’ll literally force on time to “let them pass”. The exact winner is therefore indeterminate, and this circuit produces a single bit of truly random information. Twenty bits will obliterate any form of computation developed by a mortal- you can crash the entire suite of any portal software: Windows, MacOS, Linus, Unix, etc. just by arranging those twenty bits somewhere on board. The operating system will find that electricity is too interested in a computation unrelated to the cpu-instructions and “hang”, or freeze, without any computation until a memory refresh takes place!
See “particle assembly, physics” for more information about random numbers and why flow of information yields the need for a “break” every now and then! Long post, hope you enjoyed it!
See Me for that information. I’ll find a way to help. Take care!
Electronics always produce noise. In most cases this effect is undesirable and computers are designed to reduce its impact on their operation. But it is possible to go other way and amplify the noise to make true random generator inside computer. And this is exactly what is done in latest CPUs.
Yup, but it is too slow when you need a lot of random numbers, so you seed with that and then depend on a good algorithm for the rest. Mersenne Twister should really be the bare minimum RNG algorithm but apparently things like this have been kept around for legacy code reasons (in the case of C++, I don't follow what goes on with Python). PCG32 is a good RNG library.
This goes along nice with Liveoverflow's latest video. Good job!
We've been told that computer generated random numbers are not actually random, back in 2nd or 3rd grade in computer class. That is a really cool knowledge to have. And actually mega OP compared to all the other computer class knowledge we got, especially that early. Always wanted to find out actually how this algorithm works. Quite cool. Good vid actually.
@@maqp1492 yeah, I've read it from other comments already.
It's designed that way so programmers can rerun test cases. Use a value Seed on every call to get random
And in the Python documentation it's explicitly said that the random function isn't for security purposes
Sure, but since the next number is easy to predict from the current number, leaking some of the numbers even after use can let an attacker get ahead by knowing the upcoming numbers. The problem isn't just that it is deterministic, but that the determinism is easily figured out.
I have a simple idea from analog synthesizers. Build an analog noise generator, add an ADC, and when an application needs a random value you simply have to sample the momentary voltage at the output of the noise generator
I thought this is someone with hundreds of thousands of subs but then I checked and he only has 900 subs. That’s crazy he definitely puts a lot of effort in his videos and they are fantastic. He deserves more subs.
Several observations. First, not all computers represent floating point as defined by IEEE 754. Yes, most that you are ever likely to encounter do but there are exceptions. Secondly, this video is based on the supposition that each random number generated is dependent upon the previous numbers. If that is not the case then the predictor does not work. To show this, change the generator to use a new seed each time. The seed can be the system time, the time between inputs to the program, or any other value obtained in a manner that is not deterministic.
Changing the seed does not solve the problems of predictability. It moves the problem: instead of generating random numbers you now have to generate random seeds for the number generator... those seeds are again random numbers. So if you have to change seed every time you need a random number then just use the new seed as the new random number
@@Pietro-qz5tm You are correct. Just use what I was calling the seed. That solves the predictability problem. The whole point of the video appears to be that for any given seed, the same finite repeating sequence of pseudo-random numbers will be generated. The nth number of the sequence can then be predicted from a large enough sample of consecutively generated predecessors. Mathematically, there exists a pair of functions f and g with fn being the result of each execution of f such that g(f1, f2, f3, ..., fn) = fn+1. Just consider the expressions following f to be subscripts. Does that pretty much sum it up? I think that the point that you were trying to make is that pseudo-random numbers are not truly random but you got too tangled up in the prediction function and never really said that. My point is that there are methods available to produce truly random numbers from the computer's environment.
@@WatchesTrainsAndRockets now it makes more sense. Let me just add two things, for clarity.
An abstract computer (as a Turing machine, interpreter of lambda calculus, or whatever) does not have ways to generate nondeterministic random bits. But real ones can, as you said, collect random bits from the environment (just, please, don't use the time as a source of randomness, it is not a good one). Sometimes even real machines have problems. Just after boot for example, when environment entropy is low, or when a big quantity of random bits is required (that's why /dev/random is usually blocking in Linux).
In theory given a deterministic prng a predictor exists, in practice such predictor may be very difficult to compute. That is the whole point of cryptographically secure prng: there are no known fast predictors. This was mentioned in the video and is, imho, a quite important distinction. z3 will never break a secure prng, it is a SAT solver but SAT problems are usually intractable.
The MPFR library is popular when you need bigger floats than IEEE 754 offers. I use it all the time for cryptography work.
You can try to build a "true" random number generator using a Geiger counter and something radioactive like a banana.
Also some TPMs have a quantum random number generator built in
No need for radioactive sources. Just use electrical noise. It's a lot more abundant in electronics and comes with quantifiable entropy. That's how we do it in computers.
@@davidjohnston4240 yea but if you know exactly how every source of electrical noise works you could predict the output.
But, radioactivity is truly random. We currently know of no way to predict when a radioactive element will decay.
But, there’s no need to use a banana, you can just use yourself! You’re (slightly) radioactive!
@@loganiushere the generator in many modern TPM is electrical, and is considered quantum random. If you use a too small transistor electrons will randomly tunnel between on the gate, you can measure it and use it as a true entropy source, the biggest problem with electrical sources is temperature dependence, unlike radioactive isotopes, the temperature will affect the distribution of electron creating a bias and in result decreasing entropy.
@@loganiushere Electrical noise arises from quantum interactions. The underlying nondeterminism of everything arises from quantum interactions.
@@IceQub3 huh, well that is not what I thought of when I heard “electrical noise,” but I guess that would be truly random!
And that's why Cloudflare uses lava lamps (which are recorded by cameras) as their RNG :D
Dude someone is gonna build a program to find the patterns of lava lamps now 😄
Someone can predict the general movement of a lava lamp and how it reacts to changes in the variables around it (angle, temperature, etc…) but there is absolutely no way to accurately predict the exact placement of everything at a certain moment in time
@@brayyy846 also cameras are noisy, even if you could perfectly predict the lamps, the camera sensors inject enough noise to make that useless
@@nicholascurran1734 It's impossible bc exact positions on 2 lamps can make different numbers, and there's more than 1 bubble, sooo...
Edit: it's possible only through matching exact patterns, and it would take decades
If this was just a giant ad for snyk, it worked. Was totally sold on using it to detect insecure pseudorandomness by the end!
I tried the "Time Travel" option running multiple sleep(-10) but it didn't work. Did someone manage to make it work?
python actually blocks negative values for time to make impossible for newbies to time-travel
You just need to do:
from __future__ import random_int
I always look forward for more of your content ever since finishing what you have in the channel. Every time you upload, I am always having a blast!
I remember that the last time when I needed random numbers for a school project, my code ended up carrying a full implementation of D. J. Bernstein's ChaCha20 stream cipher so I can use its keystream as a high-quality pseudorandom number generator.
That thumbnail cracked me up
this vids gonna have the 2nd birthday in 4 days, and this was the first video ive watched from you!!
2:30 Laplace's demon talks about this topic, and it turns out that it is mathematically impossible to predict the outcome, no matter how much reference data you have. Pretty interesting.
that's why you seed it, but there's a good reason why sequences are the same and it's for debugging or testing purposes.
Exercise was so much fun & easy!
Dude! I was interested in this vid, mainly because I noticed that generating events due to math like making a random number 0 - 100 and an event is (if > 50)... gave me one a lot then the other a lot! Great vid!
That has nothing to do with pseudorandomness. Actual random numbers have more streaks than people intuitively think as well.
@@Oneiroclast I used the Python Random module.
You can make your own PRNG, something simple, that people may not break as easily as the classic random module that everyone knows. But it all depends on what purpose you need the random number for. For example, a PRNG in games will be different from one in gambling machines, or in a security application.
There are lots of problems creating PRNG. Do you need efficient or performance PRNG, do you need FPU or not, what if there is no FPU on some PC, or what if you wanna avoid division because its not efficient, what ranges of numbers do you need, do you need negative numbers, for how long you need it to generate without going into shift or repeat, do you need all generated numbers to pop up equally distributed, eg. you are generating number between 0 and 1, 1m times, in the end do you need 500k 0 and 500k 1 numbers happening equally across all generated numbers or you are fine with 80% happened to be 1 and 20% of numbers generated are 0, or you need 50%:50%, with numbers 1, 2, 3 and 4, maybe you need 25%:25%:25%:25% equally, or 60%:4%:25%:11%: equally across all generated numbers.
For example in game, 20% critical chance sounds fine, by math it may happen every 20th hit, because of math, and math does not give or think, but humans will see 20% as 1 guarantee in 5 tries, right(?), same with dice rolls, 6 sides, 1:6 chance that you will get what you need, and yet after 20th retry you cannot get number 6, because dice doesnt give a thing about previous results, and to people it looks like black magic, or something shady, not fair, and such, thats why Blizzard implemented in Warcraft 3 back in 2000 PRG Distribution, and its still used today in games like DotA2 and LoL, so 20% 1st try, if fail, then it starts adding up, 2nd try 20%, if fail, 3rd try 40%, if fail, 4th try 60%, if fail, 5th try 80%, if fail, 6th try, 100% guarantee, each time when critical happened, distribution are restarted. But such logic does not provide money for the casino owner, so it all depends what you really need.
True random can be generated with a PC taking the current heat of components, or the speed-up and shifting of the HDD, and combining them to get greater possibilities; even if it's limited and narrow, it's hard to predict because it's changing all the time, and again it's not suitable for 20% in a game, because it does not go by human logic, and we hate it, but it's fine for other things.
As I understand you, with 100% with even >50% event you most likely need something like a PRNG with Distribution.
Easy way to get equal 50%:50% results (as you are looking for) or 50% chance are with 0 and 1, equally distributed, using modulus, even or odd number, even goes one way (eg. giving high chance to become odd), odd number goes another way (eg. giving high chance to become even), you can avoid decimal calculations if you want, its one line of branchless code, once you get equal result, you can go for 0-100 range, because theres 50 odd and 50 even numbers, if >50 will be equally hit as
@@RadiusNightly Okay, thank you!
please can you share source code for making predictable random number between 0 - 100 ?
Solved a CTF challenge 'bout a year ago with this. Some implementations have a stack of values generated that is re-filled sometimes, that complicates it a bit.
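import random

def two_layer_random(start, end):
    random_list = []
    # + 1 so the list is never empty, even when start == end
    for x in range(abs(start - end) + 1):
        random_list.append(random.randint(start, end))
    # second layer: pick a valid position in the list
    # (indexing with randint(start, end) could run past the end)
    return random.choice(random_list)

print(two_layer_random(0, 100))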
I don't know much about programming but I have an idea to generate Random number by Using Current time: Hours, minutes and seconds along with date. Use different Arithmetic operations on Factors(second, minute,etc) for different cases of time so that neither me nor anyone can guess the solution
that is more or less how the srand function in C++ works when using time(NULL) as a seed
That's not random though. Still fully deterministic.
9:31, not the way I learned to do random numbers, I keep the output value separate from the seed, sure I still use the shift & xor method but I just fill a separate variable with 1 extracted bit in a loop, something like:
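#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#define bitsof(T) (sizeof(T) * CHAR_BIT)
bool lshr( int *seed ) { ... }
int random( int *seed )
{
    unsigned int val = 0;
    size_t i;
    for ( i = 0; i < bitsof(int); ++i )
        val |= (unsigned int)lshr(seed) << i; /* store each extracted bit at position i */
    return (int)val;
}
I will just point out that you're a maniac because of ++i, do it like a sane person and do i++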
@@patfre The intent is to increment before the value is used, therefore I will NOT change it, only an insane person tries to use a value before they increment it to the one they actually want
I'm not sure what lshr does, but using the seed as a starting point for state and overwriting it is how the algorithm used works (and also a pretty standard thing as far as PRNGs go, as far as I know). Keeping the seed could be seen as keeping some fixed state during the run (but not necessarily between the runs), but in a sense having the seed be an initial condition does that too.
@@user-sl6gn1ss8p For the LSHR:
ruclips.net/video/Ks1pw1X22y4/видео.html
I think a way of making the random number more secure would be to use multiple seeds and perhaps select them using the result of a seed, for example if you're encrypting a file you could copy some bytes into your seed to replace it, use it for both whatever you were gonna do, get the next random number and modulo with the bytes done to select another set of bytes to overwrite the seed with, as long as you implement some means of decryption then it would make it just that bit harder to decrypt the file without the initial seed, which could be a password/passphrase, for speed each character the pw/pp could just multiply a float that starts at 1.0 before the float is then used as a seed (I'm too lazy to take a deep look at the code that was presented in the vid so forgive my ignorance if it happens to be the same as what I just said)
@@zxuiji yeeah... no, don't roll your own crypto. Just don't do it, really.
If you need a cryptographically secure prng go get a reputable and widely used cryptographically secure prng. There's a lot of them, they're field tested and widely audited.
Does it mean they'll never have bugs? Hell no, they will have them, but they'll be far more likely to be found, reported and fixed than on your obscure NIH-driven implementation
You convinced me to signup for snyk
😂 well done...
You can have true randomness that is not based on our ignorance of starting conditions. Use quantum processes like radioactive decay or tunneling in your RNG.
most chips have inbuilt true random number generator
WOW, this is the first time i look at one of your videos. YOU ARE AWESOME
I remembered this channel today. Hope everything is fine!
Hoyy youtube.. show me more of such videos, I am in love with it rn (tho i didn't understand it completely)
Your channel is full of excellent content. Keep up the excellent work!
What happened to this channel? I loved this.
2:10 on first listen I thought you said here that the coin flip depends on "divorce" 😅
Great video! Really good lesson!
I was just looking for the right occasion to use my brand new tardis, thank you.
If I remember correctly, it’s basically, the number isn’t random, it’s generated by like time, mouse position etc. (Not specifically those things, they’re just examples)
Woah, great video mate!
This z3 is pretty cool I should learn more about it
thx for the exercise, i learn a lot about z3 today!
This is the best free software Ive seen. Respect.
That time traveling exercise was a tough one but eventually I managed it
Woot! Thank goodness, I needed this back on my
Hi i really like your video style. Can you create one video on how you create videos? What is your production process overall? I think lots of people would be interested in that.
PwnFunction: Let's run the script.
RUclips: * starts an ad *
Just record noise from mic input audio card. If you set all levels to max you'll be able to record noise from semiconductor used in first stage of amplification.
Yes! Another legendary video from a legendary legend!
I've spent more time getting as much entropy in the RNG portion of my muon controlled number generator than all else combined including soldering up 6x 20 segment VFDs... Nice video my guy!
Fantastic tutorial, keep up the great videos!
So what I learned from this video is that z3 can do my math homework.
One thing, there is something I‘d call true random in our physical world.
And that are quantum effects.
If you are able to measure exactly when an atom is decaying and watch exactly one atom, you cannot predict exactly when it is decaying, only calculate when it’s probably already decayed.
Cannot predict YET*. Even if hidden local variables are somewhat debunked in our current models, global hidden variables might still be possible especially considering that reductionism seems to have reached a limit/failed in describing objective reality.
Also, I just don’t believe in true randomness :p
That's just human ignorance. That's not "true random". That's literally computer RNG to your average person, except on a global scale.
@@Wylie288 With our current knowledge the most likely situation for quantum processes is that they are random.
It doesn’t make sense to fight about it if we don’t have clues that these processes are determined by hidden variables.
I can control a coin flip, always the upper side will be down, if you drop correctly. There are many factors I control, but if you learn it, you can possibly make money :)
Rust bandit camp roulette I am coming for you :D - I think they are using Mersenne Twister algo
Real quality content
Well I learned a lot from this video because of the randomness and many new English words I didn't know before, thanks for you and for google translator too
This is an amazing video. Very interesting info and perfect delivery. Thanks!
you can now predict random numbers? time to go to the casino!
You can't predict
This could be kind of dangerous for websites or programs that use randomly generated numbers for their security or encryption
As you said it's too easy, I completed the exercise you gave. 👍
Lol, this guy is approaching problems in a very wrong way
Earth computer has a couple videos on him cracking random numbers in minecraft.
Thanks man!! You've earned my respect
Small correction -
You say initially that PRNG's generate the next number from the previous number - however, as you show with the V8 generator, they'll usually use some hidden internal state instead.
If PRNG's *did* use the previous number as their only input, that would be extremely bad. No matter how random the seed was, you could take any result from the PRNG and immediately know all future results.
This is correct. Most CSPRNGs are structured with an update and output function. The update function changes the internal state. The output derives an output from the internal state. The SP800-90A HMAC DRBG is an exception - the update function is mixed with the output function so it varies based on how much data is asked for from the output function. This is just wrong and bad and a reason not to use the SP800-90A HMAC DRBG. Use the CTR DRBG instead. Don't touch the Hash DRBG - it's bad in many other ways.
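The point made in the two comments above, as an added Python example (not code from the video or from either commenter): a generator whose output is its whole state can be continued from one leaked value, while a generator with separate update and output functions can emit the same value from two different hidden states and then diverge. Both classes are illustrative toys with hypothetical names, and the hash ratchet is not a vetted DRBG.

```python
import hashlib

MASK32 = 0xFFFFFFFF


class OutputIsState:
    """Toy 32-bit xorshift whose output is its entire state (the bad case)."""

    def __init__(self, seed: int):
        self.state = (seed & MASK32) or 1  # xorshift must never hold 0

    def next(self) -> int:
        x = self.state
        x ^= (x << 13) & MASK32
        x ^= x >> 17
        x ^= (x << 5) & MASK32
        self.state = x
        return x


class HiddenState:
    """Separate update and output functions over a 256-bit hidden state.

    Outputs are truncated to 16 bits only so that the collision search
    below finishes quickly.
    """

    def __init__(self, seed: int):
        self.state = hashlib.sha256(b"seed" + seed.to_bytes(8, "big")).digest()

    def next(self) -> int:
        out = hashlib.sha256(b"out" + self.state).digest()[:2]     # output
        self.state = hashlib.sha256(b"upd" + self.state).digest()  # update
        return int.from_bytes(out, "big")


def continue_from_output(last_output: int, count: int) -> list:
    """What an observer of OutputIsState can do with one leaked value."""
    clone = OutputIsState(last_output)
    return [clone.next() for _ in range(count)]


def same_output_different_future(max_seeds: int = 70000):
    """Find two HiddenState seeds whose first outputs are equal.

    Returns (shared_output, next 4 outputs of A, next 4 outputs of B).
    With 16-bit outputs a match is guaranteed within 65537 seeds.
    """
    seen = {}
    for seed in range(max_seeds):
        first = HiddenState(seed).next()
        if first in seen:
            a, b = HiddenState(seen[first]), HiddenState(seed)
            a.next()
            b.next()
            return (first,
                    [a.next() for _ in range(4)],
                    [b.next() for _ in range(4)])
        seen[first] = seed
    return None


if __name__ == "__main__":
    victim = OutputIsState(0xC0FFEE)  # constructed seed
    leaked = victim.next()
    print("continued from leak:", continue_from_output(leaked, 3))
    print("actual next values: ", [victim.next() for _ in range(3)])
    print("same output, different futures:", same_output_different_future())
```

Hiding the state is necessary but not sufficient: the output function also has to be hard to invert, which is what separates a CSPRNG from a generator like xorshift128+.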
Nature when looking at computers: Look at what they need to mimic a fraction of our power.
Love your videos. Keep it up!
Would love a video on the cryptographically secure RNG
Use rdrand
Pro: Random!(?)
Cons: Slow
You don't know if it's a tool for the feds
your visuals are always so beautiful
Awesome video, really laid back, really likey
Python 3.6 released the "secrets" module which uses a non-deterministic RNG and is secure. Just put "import secrets" at the beginning of your python code and you're good to go.
TNice tutorials tutorial is so good, tysm
Very useful video, thanks!
Bro just me here trying to predict an outcome in an arcade game. Never thought that would bring me here
please a video about making a server for testing websites for example recive logs of sending a payload
10:21 It should be *(1+mantissa) for the average case (normalised)
This right here is an example of wisdom over intelligence. I'm pretty sure most every new programmer has set out to prove this wrong, just to come to the realization there is no such thing as random in anything.
Me, who learned a bit of assembly when I'm a beginner: lol get rdseeded u scrub, git --gud
@@youtubehandlesux Me, who also started with assembly: lol know rdseeded is just a new seed. git --guder Ever wonder why you have a seed? .. really think.
Next video idea: How to predict lottery numbers. Thanks.
This was so helpful!! Thank you
can you also make a videos on possible vulnerabilities to be aware of while writing solidity smart contracts
works, chock-full thanks!
Wow, cool explanation
Very interesting thanks a lots, you showed me some new rabbit holes. (I clicked on your link, I am from Monster team for drinks btw)
Everything works, I highly recommend it
Great video! One feedback i'd have tho is please next time have more contrast in the python code examples in the console, it's very hard to read
Thank You For The Mind-Blowing!!!!!
pretty nice video, thanks for that. And pretty nice theme. I would appreciate if you shared the theme you used for this video in your VSCODE.
+ What is VS Code theme?
this is super interesting, thanks for the video
I did it, thank you very much to the author
Hey this was amazing, needed a little help how did you generate first few sequences at the start of the video .
I need to solve a problem that requires 5 correct random numbers in sequence.
Come on, bro! Do the CTF yourself
@ShauryaSaha 😂😂😂😂
Interesting to see that V8 is using XorShift128 for the Math.random implementation. XorShift is actually a pretty good algorithm, even tho I'm not sure why they use the XorShift128 variant. A while back I implemented the xoshiro256** variant in C++ because the PRNG algorithms provided by the stdlib were either too slow, or too bad. The C stdlib random implementation is especially bad since it is not only slow, but also has bad randomness. xoshiro256** on the other hand was extremely fast while also providing very good randomness
Yeah, I once implemented them using SIMD/AVX and whatnot, for the creation of large batches of values, and it was pretty nice. I really like the XorShift/xoshiro family, they're simple, fast, have options to cover different use cases AND work well : )
They used MWC1616, but changed to xorshift128+ in Dec 2015. There were nice articles about random number distribution at the time.
@@levsonc Interesting, thanks for the info. I found a few very interesting articles
"Randomness is, basically, our ignorance to the initial conditions of a chaotic system." 2:40
This.
The idea of "real" random doesn't exist. Even at the quantum level like people think. That idea just comes from a misunderstanding when you convert quantum mechanics into layman's terms.
Now I can predict rng in games with random spray to get the best shots
Now I'm more interested in know how you did learn all this, where? From who? Were they green like in the movies?