Random number generator: how they work, uses, and free tool

A random number is an unpredictable value following no pattern. Generating true randomness is one of computing's hardest problems.

Why hard: Computers are deterministic. They need external entropy (mouse movement, electronic noise) or algorithms simulating randomness (pseudorandom).

Real consequence: In 2006, a Debian random generator bug weakened ALL SSL keys generated in 2 years. Only 32,768 possible keys instead of billions.

Generate with the NexTools number generator.

TRNG: Physical phenomena (radioactive decay, thermal noise). Unpredictable. Used by random.org, Intel RDRAND. Slow.

PRNG: Mathematical algorithm from a seed. Fast, reproducible. Math.random() uses xorshift128+.

CSPRNG: PRNG designed to be unpredictable even knowing previous outputs. crypto.getRandomValues(), /dev/urandom. For security.

1. Lotteries/raffles: Fair selection from N participants.

2. Games: Dice, cards, world generation, loot drops. The NexTools dice roller uses this.

3. Statistics/sampling: Random samples from populations. Clinical trials assign patients randomly.

4. Cryptography: Keys, tokens, nonces, IVs.

5. Monte Carlo simulation: Finance, physics, engineering.

6. Passwords: The NexTools password generator uses CSPRNG.

The NexTools generator: define range (min/max), choose quantity, allow/disallow duplicates, generate. Uses CSPRNG (crypto.getRandomValues). All in browser.

Uniform = every number has EXACTLY equal probability.

Common code error: Math.floor(Math.random() * 10) has slight bias due to floating point. For most uses imperceptible, for crypto unacceptable.

Correct method: Rejection sampling with crypto.getRandomValues().

Verify by generating 10,000+ numbers and counting frequencies. Use the percentage calculator.

JavaScript: Math.random() (PRNG), crypto.getRandomValues() (CSPRNG).

Python: random.randint() (PRNG), secrets.randbelow() (CSPRNG).

Bash: shuf -i 1-100 -n 1, $RANDOM (0-32767).

Rule: Games/UI → Math.random(). Security → crypto/secrets.

PRNGs use a seed. Same seed = same sequence.

Want reproducibility: Testing, procedural generation (Minecraft), scientific simulations.

Don't want: Security (unpredictable seed), lotteries, gambling.

For unique IDs, the NexTools UUID generator uses cryptographic randomness.

Birthday paradox: 23 people → >50% chance two share a birthday.

Humans aren't random: Asked to pick 1-10, most choose 3 or 7. Asked for random coin sequence, humans avoid long streaks (but real randomness has them).

Lottery: Powerball odds: 1 in 292 million. Need 1 ticket/second for 9.3 years to cover all.

Pi is "random": Pi's digits pass all randomness tests but are completely deterministic.