True random generation in Java

Question

I was reading the Math.random() javadoc and saw that random is only psuedorandom.

Is there a library (specifically java) that generates random numbers according to

Answer 1

For most purposes, pseudo-random numbers are more than enough. If you just need a simple random number, ie. in 30% of the time do this, then a timestamp as a seed is what you want. If this has to be secure random number, for example shuffling a deck, you want to choose your seed a bit more carefully, there are good sources out there for creating secure seeds.

The reason for using seeds is to be able to "recall" the same sequence of random numbers generated by the algorithm. A very good scenario for that is when you are doing stochastic simulation on some sort and you want to repeat a particular experiment, then you simply use the same seed.

For a better PRNG than the one bundled with Java, take a look at the Mersenne Twister.

Answer 2

Wikipedia quote: John von Neumann famously said "Anyone who uses arithmetic methods to produce random numbers is in a state of sin."

Answer 3

Since tapping into those sources of random data would require hardware access of some kind such a library can't be written portably using pure Java.

You can however try to write platform-dependent code to read the platforms source of random data. For Linux (and possibly other Unix-like systems as well) that could be /dev/random for example.

Also, look at the SecureRandom class, it might already have what you want.

Answer 4

As far as i know they work with time of the machine ... !

What Random Numbers Are Used For

Random numbers have been used for many thousands of years. Whether it’s flipping a coin or rolling a dice, the goal is to leave the end result up to random chance. Random number generators in a computer are similar — they’re an attempt to achieve an unpredictable, random result.

Is this possible to make true random numbers ?

Yes it is !

To generate a “true” random number, the computer measures some type of physical phenomenon that takes place outside of the computer.

For a more day-to-day example, the computer could rely on atmospheric noise or simply use the exact time you press keys on your keyboard as a source of unpredictable data, or entropy. For example, your computer might notice that you pressed a key at exactly 0.23423523 seconds after 2 p.m.. Grab enough of the specific times associated with these key presses and you’ll have a source of entropy you can use to generate a “true” random number.

The NSA and Intel’s Hardware Random Number Generator

To make things easier for developers and help generate secure random numbers, Intel chips include a hardware-based random number generator known as RdRand. This chip uses an entropy source on the processor and provides random numbers to software when the software requests them.

source : HowToGeek ?

Just in case that you maybe need to generate random numbers in Android... I use Data of Accelerometer for true physic based random numbers :)

Answer 5

Your question is ambiguous, which is causing the answers to be all over the place.

If you are looking for a Random implementation which relies on the system's source of randomness (as I'm guessing you are), then java.security.SecureRandom does that. The default configuration for the Sun security provider in your java.security file has the following:

#
# Select the source of seed data for SecureRandom. By default an
# attempt is made to use the entropy gathering device specified by
# the securerandom.source property. If an exception occurs when
# accessing the URL then the traditional system/thread activity
# algorithm is used.
#
# On Solaris and Linux systems, if file:/dev/urandom is specified and it
# exists, a special SecureRandom implementation is activated by default.
# This "NativePRNG" reads random bytes directly from /dev/urandom.
#
# On Windows systems, the URLs file:/dev/random and file:/dev/urandom
# enables use of the Microsoft CryptoAPI seed functionality.
#
securerandom.source=file:/dev/urandom

If you are really asking about overriding this with something even more truly random, it can be done either by changing this property, or by using another SecureRandom. For example, you could use a JCE provider backed by an HSM module such as nCipher nShield which has its own PRNG, or other solutions mentioned in the thread.

Answer 6

Just to clarify: The only TRUE random generator that exist in the universe is Quantum Random Bit Generator. There is no other mechanism that will assure you, that generated bits are totally random, because even if now you cannot predict the result there is no guarantee that you won't be able to to that in the future.

Quantum Random Bit Generator' (QRBG121), which is a fast non-deterministic random bit (number) generator whose randomness relies on intrinsic randomness of the quantum physical process of photonic emission in semiconductors and subsequent detection by photoelectric effect. In this process photons are detected at random, one by one independently of each other. Timing information of detected photons is used to generate random binary digits - bits. The unique feature of this method is that it uses only one photon detector to produce both zeros and ones which results in a very small bias and high immunity to components variation and aging. Furthermore, detection of individual photons is made by a photomultiplier (PMT). Compared to solid state photon detectors the PMT's have drastically superior signal to noise performance and much lower probability of appearing of afterpulses which could be a source of unwanted correlations.

More information for example here: http://random.irb.hr/