Mark Wunsch
May 08, 2016
260

# lol im so random!

Presented at !!con (http://bangbangcon.com) 2016

Randomness has many applications in computing ranging from cryptography and statistics to generative art and simulation, but where does randomness come from? When you ask for a random number from your system, how truly random is it?

This talk will explore randomness in software practice in a variety of contexts. Touching on sources of entropy, pseudo-random number generation, and what it means to be cryptographically secure, this talk will explore both the algorithms and the APIs that supply us with random numbers. This talk will also cover the mechanisms for testing and verifying statistical randomness. Interspersed seemingly randomly throughout will be some great examples of bots, games, and generative art that use randomness and procedural generation in creative and unusual ways. You will come away from this high-level overview with a newfound sense of respect and awe for the humble Math.random().

May 08, 2016

## Transcript

1. lol
im so random!
@markwunsch

2. Math.random()

3. https://xkcd.com/221/

4. George Raft
Scarface, 1932

5. http://www.rand.org/pubs/monograph_reports/MR1418.html

6. John von Neumann
Various Techniques Used in Connection With Random Digits
“Any one who considers arithmetical methods
of producing random digits is, of course, in a
state of sin. For, as has been pointed out
several times, there is no such thing as a
random number — there are only methods to
produce random numbers, and a strict
arithmetic procedure of course is not such a
method.”

7. Pseudorandom
Number Generator
(PRNG)

8. Animate[ListPlot[BlockRandom[
SeedRandom[seed, Method ! “MersenneTwister”];
RandomReal[1, 10000]]],
{seed, 1, 100, 1}]

9. (rand)

10. (defn rand
“Returns a random floating point
number between 0 (inclusive) and n
(default 1) (exclusive).”
([] (. Math (random)))
([n] (* n (rand))))
clojure.core

11. public static double random()
Returns a double value with a positive sign, greater than or equal to
0.0 and less than 1.0. Returned values are chosen pseudorandomly
with (approximately) uniform distribution from that range.
When this method is ﬁrst called, it creates a single new
pseudorandom-number generator, exactly as if by the expression
new java.util.Random()
This new pseudorandom-number generator is used thereafter for
all calls to this method and is used nowhere else.
java.lang.Math

12. Mary Rose Cook
A practical introduction to functional programming
https://maryrosecook.com/blog/post/a-practical-introduction-to-functional-programming
“Functional code is characterized by one thing:
the absence of side effects. It doesn’t rely on
data outside the current function, and it
doesn’t change data that exists outside the
current function.”

13. random :: (RandomGen g, Random a) => g -> (a, g)

14. > import System.Random
> random (mkStdGen 42) :: (Int, StdGen)
(-3900021226967401631,2060101257 2103410263)

15. Tell’s Knabe
From the Schiller Gallery, 1859

16. Property-Based Testing
QuickCheck & its scions
http://www.cse.chalmers.se/~rjmh/QuickCheck/
Gary Fredericks — Purely Random
from Clojure/West 2015

17. The
Mersenne
Twister

18. 219937-1

19. 219937-1
the period

20. “PRNGs are currently implemented as a modiﬁed
Mersenne Twister with a period of 2**19937-1”
http://ruby-doc.org/core-2.2.2/Random.html
“Python uses the Mersenne Twister as the core
generator. It produces 53-bit precision ﬂoats and
has a period of 2**19937-1.”
https://docs.python.org/3/library/random.html
“Random number generation in Julia uses the
Mersenne Twister library via MersenneTwister
objects.”
http://docs.julialang.org/en/release-0.4/stdlib/numbers#random-numbers

21. TIFU by using Math.random()
https://medium.com/@betable/tifu-by-using-math-random-f1c308c4fd9d
There’s Math.random(), and then there’s Math.random()
http://v8project.blogspot.com/2015/12/theres-mathrandom-and-then-theres.html

22. http://stat.fsu.edu/pub/diehard/

23. cf.
TestU01
http://simul.iro.umontreal.ca/testu01/tu01.html
dieharder
https://www.phy.duke.edu/~rgb/General/dieharder.php

24. “The Mersenne Twister … is
completely unsuitable for
cryptographic purposes.”
https://docs.python.org/3/library/random.html

25. “Mersenne Twister is not
cryptographically secure.”
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html

26. cryptographically
secure

27. Cryptographically
Secure Pseudorandom
Number Generator
(CSPRNG)

28. Achillea millefolium
Köhler’s Medizinal-Pﬂanzen, 1887

29. Yarrow
Bruce Schneier and John Kelsey
https://www.schneier.com/cryptography/yarrow/

30. The
Entropy
Device

31. /dev/random
man 4 random

32. function lookbusy() { cat /dev/urandom | od -An; }

33. 101262 024567 163231 107002 047500 141110 112373 100363
141204 177347 033443 153461 150705 005261 075113 041430
057531 072242 066770 001374 110052 004716 160523 064356
127045 113127 072433 031735 146001 040647 105205 104464
010021 174056 072621 047566 041173 074062 063702 142662
012703 064566 004331 124752 002455 051065 171176 014151
024462 007765 036437 057554 111072 070733 014741 102411
117460 057656 073073 127016 124774 015743 013005 153673
171613 152444 166643 141710 150477 054502 150175 055630
045701 024774 074654 021546 164660 127465 075035 027547
032112 110437 170726 052324 112261 011234 163423 053520
042643 123732 016343 143734 003171 047752 161731 104761
106311 014712 162121 020272 150470 046124 156427 104625
172660 135352 034330 164771 076535 031660 146333 030455
041511 072500 017333 102715 074317 065237 075131 054032
001217 044045 046220 073062 021534 060345 065446 034237
130226 034734 061603 022274 133362 066144 103771 055055
073664 162725 013732 123243 144705 061310 106532 161743
002362 002610 111577 071633 124030 024525 146333 101235
160420 030052 002761 175720 125564 017030 007503 120511
124152 032335 041561 057646 177455 030002 010667 074013

34. \$ expr \$RANDOM % 6 + 1
\$ awk ‘BEGIN { srand(); print 1 + int(rand() * 6); }’
\$ cat /dev/urandom | hexdump -v -e '/1 "%u\n"' | awk
'{ split("0,2,4,5,7,9,11,12",a,","); for (i = 0; i
< 1; i+= 0.0001) printf("%08X\n",
100*sin(1382*exp((a[\$1 % 8]/12)*log(2))*i)) }' |
xxd -r -p | aplay -c 2 -f S32_LE -r 16000
http://blog.robertelder.org/bash-one-liner-compose-music/

35. 10 PRINT CHR\$(205.5+RND(1)); : GOTO 10
http://10print.org

36. Allegory of Chance
Frans Francken the Younger, 1627

37. ^D