“Random” Might Not Be Random As You Think - Qrypt

7.01.21

“Random” Might Not Be Random As You Think

Contributors:
Denis Mandich
Category:
Blog Post

“Random” Might Not Be Random As You Think

In science, random indicates an unpredictable event for which the outcome cannot be known in advance. But is it possible to generate an arbitrary sequence that cannot possibly be calculated?

The short answer is “not with modern computers.”

There are many ways to generate random numbers, the most well-known of which is a simple dice toss, or coin-flipping, which provides seemingly unpredictable results. However, they’re not as unbiased and random as one might think. Humans can manipulate the speed, angle or other parameters to predetermine results; but people are limited in their predictive power where machines are not. Computers are fantastic at finding patterns within a sequence to predict an outcome.

Now as to why this matters. Unknown to most users, randomness is at the heart of online data protection. Modern cryptography utilizes digital keys – used for encrypting emails, websites, text messages and HTTPS connections in browsers – to obfuscate data and protect systems from being attacked. But current information systems rely on software-based pseudo-random number generators (PRNGs), which simulate randomness but are inherently deterministic.

It’s this very determinism that is problematic. These “random” systems are predictable. In 2019, this property allowed “blockchain bandits” to guess Ethereum’s private keys and steal cryptocurrency. Even though the chance of guessing a randomly generated Ethereum key is 1 in 115 quattuorvigintillion (1/2^256), about the same as the number of atoms in the universe), the “bandits” were able to code a program that could predict patterns in the keys and unlock the digital wallets.

This is the reason why cybersecurity experts are eager to adopt quantum-based random number generators – which are truly random. You can learn more about Qrypt’s quantum random here: https://www.qrypt.com/eaas.