Random Number Generators (RNG)
- RNG is a technology that generates sequences approximating independent random samples using algorithmic (PRNG) or physical (TRNG, QRNG) methods.
- RNGs are instrumental in cryptography, simulations, and statistical sampling, offering diverse implementations with specific security and performance trade-offs.
- Evaluation methodologies for RNGs include rigorous statistical testing, entropy estimation, and randomness extraction to ensure high-quality and resilient outputs.
A random number generator (RNG) is a device or algorithm that produces a sequence of numbers whose properties approximate those of independent, identically distributed samples from a specified probability distribution, most commonly the uniform distribution on finite bit strings. RNGs are foundational across scientific computing, cryptography, and high-performance simulation, as well as in embedded systems, security protocols, randomized algorithms, and statistical sampling. The field encompasses pseudorandom number generators (PRNGs), true random number generators (TRNGs) based on physical entropy sources, and a newer class of quantum RNGs (QRNGs) offering information-theoretic unpredictability.
1. Taxonomy and Core Principles of RNGs
RNGs are broadly categorized by their entropy sources, unpredictability guarantees, and target application domains.
- Pseudorandom Number Generators (PRNGs): Algorithmic generators such as linear feedback shift registers (LFSR), linear congruential generators (LCG), Mersenne Twister (MT19937), and counter-based constructions (Philox, ThreeFry, PCG) produce deterministic sequences given an initial seed. High-quality PRNGs, such as those conforming to the Kolmogorov–Anosov mixing theory (RANLUX, MIXMAX), are essential for large-scale Monte Carlo applications and statistical simulation, offering formally analyzable statistical independence up to high dimension, with state sizes and periods engineered to preclude practical repetition (James et al., 2019).
- Physical/TRNGs: Hardware RNGs (HRNGs), including ring oscillator noise generators, Johnson/Zener noise samplers, and radioactive or chaotic physical systems, harvest entropy from stochastic physical phenomena. These are used where unpredictability against an adversary is required, as in cryptographic key generation or embedded encryption on resource-constrained IoT devices. Very recent designs utilizing stochastic magnetic tunnel junctions (sMTJs), nanomechanical chaos, or optoelectronic transitions directly digitize thermally or quantum-induced fluctuations (Wang et al., 2015, Zahoor et al., 7 Jul 2025, Madiot et al., 2022, Maicke et al., 2023).
- Quantum RNGs (QRNGs): QRNGs utilize elementary quantum processes such as photon arrival at a beam splitter, avalanche photodiode dark counts, or optomechanical bistability, producing bit streams that are, by construction, information-theoretically unpredictable, i.e., with min-entropy bounded by device characterization and with composable security proofs when combined with appropriate extractors (Wang et al., 2015, Mukhamedyanov et al., 25 Nov 2025, Stipcevic, 2011, Wu et al., 2016, Tsurumaru et al., 2019).
Each category is sub-classified further based on stream interface (block vs. bit), physical or algorithmic parallelism, statistical post-processing, and resistance to attacks (side channel, seed prediction, backdoor injection).
2. RNG Algorithms, Hardware Realizations, and Parallelism
A rich catalog of algorithmic and hardware RNGs is used in practice, each with architectural trade-offs regarding state size, period, stream parallelization, and statistical quality.
- Algorithmic Examples:
  - Mersenne Twister (MT19937): 32-bit state, period , 623-dimensional equidistribution, native to many ML and numerical frameworks (Barash et al., 2013, Prabhu et al., 9 Feb 2026).
  - Combined Multiple-Recurrence (MRG32k3a, LFSR113): Designed for multiple independent streams, block-splitting, and jump-ahead capabilities for large-scale simulation (Barash et al., 2013).
  - Kolmogorov–Anosov/Hyperbolic Automorphisms (RANLUX, MIXMAX): Satisfy exponential divergence, high metric entropy, enforced by output decimation, offering provable approximation to K-systems and maximal mixing (James et al., 2019).
- Hardware and Physical RNGs:
  - Ring Oscillator and Thermal Noise HRNG (Bluetooth SoC): Harvest phase-jitter, thermal noise via comparator digitization, on-chip conditioning with Von Neumann correctors and extractors (Tillmanns et al., 2020).
  - Nanomechanical Chaos and Brillouin Optomechanics: Leverage Duffing-type nonlinearities and noise-induced bistability in MEMS/NEMS and integrated photonics, directly digitizing chaotic time series or optically detected state transitions (Madiot et al., 2022, Mukhamedyanov et al., 25 Nov 2025).
  - Stochastic Magnetic Tunnel Junctions (MTJ, sMTJ): Modulate stochastic switching between magnetic states via spin-orbit torque and STT, sampling directly from arbitrary distributions with probability trees, low energy per bit ( pJ), and highly parallel design (Maicke et al., 2023, Zahoor et al., 7 Jul 2025).
  - Cosmic-Photon and Radioactive RNGs: Use arrival times or parity symmetry in detection events from astrophysical sources or radioactive decay, maximizing measurement-independence and offering composable security proofs (Wu et al., 2016, Tsurumaru et al., 2019).
- Library and Programming Support:
  - SSE/AVX-optimized RNG libraries (RNGSSELIB) and Fortran compatibility, mathematical jump-ahead, and parallel stream support for Monte Carlo (Barash et al., 2013).
3. Statistical Testing, Entropy Estimation, and Extractors
Robust assessment of RNG output entails a sequence of formal and empirical procedures:
- Statistical Test Batteries: NIST SP800-22, Dieharder, TestU01, and PractRand suites encompass monobit, block frequency, runs, autocorrelation, linear complexity, spectral, and template-matching tests, requiring empirical -values above prescribed thresholds (e.g., for NIST) for each sub-test and overall pass ratios (e.g., across ) (Foreman et al., 2024, Wang et al., 2015, Madiot et al., 2022, Maicke et al., 2023, Zahoor et al., 7 Jul 2025).
- Entropy Metrics:
  - Shannon Entropy per bit: ;
  - Min-Entropy: , critical for cryptographic security. Min-entropy estimation is standardized (NIST tool) and forms the basis for extractor design and effectiveness analysis (Foreman et al., 2024, Wang et al., 2015).
- Randomness Extraction:
  - Deterministic Preprocessing: Von Neumann debiasers eliminate simple bias, but may halve bit-rate and are ineffective for sources with structure (Foreman et al., 2024).
  - Seeded Extractors: Circulant-hash and universal hashing, as in the Leftover Hash Lemma, extract nearly uniform strings from sources with a guaranteed lower bound on block min-entropy. Output bits: 0 for block min-entropy 1 and security parameter 2.
  - Two-Source and Physical/DI Extractors: Use independent sources (e.g., Bell-inequality-certified quantum source) or self-certified entropy to further elevate unpredictability guarantees (Foreman et al., 2024, Tsurumaru et al., 2019).
Empirically, processed streams from quantum and high-quality hardware sources, after strong extractor post-processing, become statistically indistinguishable from uniform, passing all batteries with failure counts ≲7.5 per 4600 tests at 3 significance (Foreman et al., 2024, Wang et al., 2015).
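The limits of Von Neumann debiasing noted above can be measured directly. The following is an added example, not code from any of the cited works: it runs the debiaser over two constructed sources (an i.i.d. biased one and a "sticky" first-order Markov one) and reports simplified min-entropy estimates. The source models, parameters, and the conditional estimator are assumptions made for illustration and are not the NIST estimators.

```python
import math
import random

def von_neumann(bits):
    """Von Neumann debiaser: non-overlapping pairs 01 -> 0, 10 -> 1; 00 and 11 are dropped."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def mcv_min_entropy(bits):
    """Per-bit min-entropy from the most common value: -log2(max p)."""
    p1 = sum(bits) / len(bits)
    return -math.log2(max(p1, 1.0 - p1))

def cond_min_entropy(bits):
    """Per-bit min-entropy given the previous bit: -log2(max P(b_i | b_{i-1}))."""
    counts = [[0, 0], [0, 0]]
    for prev, cur in zip(bits, bits[1:]):
        counts[prev][cur] += 1
    return -math.log2(max(max(row) / sum(row) for row in counts if sum(row)))

def biased_source(n, p_one, rng):
    """Constructed i.i.d. source with P(1) = p_one (simple bias, no memory)."""
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def sticky_source(n, p_repeat, rng):
    """Constructed structured source: each bit repeats the previous one with p_repeat."""
    bits = [rng.getrandbits(1)]
    for _ in range(n - 1):
        bits.append(bits[-1] if rng.random() < p_repeat else 1 - bits[-1])
    return bits

def run_demo(n=200_000, seed=1234):
    rng = random.Random(seed)  # fixed seed only to make the simulation repeatable
    biased, sticky = biased_source(n, 0.8, rng), sticky_source(n, 0.9, rng)
    vn_biased, vn_sticky = von_neumann(biased), von_neumann(sticky)
    return {
        "biased_in": mcv_min_entropy(biased),          # entropy/bit before debiasing
        "biased_out": mcv_min_entropy(vn_biased),      # close to 1 after debiasing
        "biased_rate": len(vn_biased) / n,             # output bits per input bit
        "sticky_in": cond_min_entropy(sticky),
        "sticky_out_mcv": mcv_min_entropy(vn_sticky),  # looks unbiased bit-by-bit...
        "sticky_out_cond": cond_min_entropy(vn_sticky),  # ...yet stays predictable
    }

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name:16s} {value:.3f}")
```

On the sticky source the debiased stream has a balanced bit frequency but still tends to alternate, so a frequency-only check overstates its entropy; this is the case where a seeded extractor sized to the measured min-entropy is needed.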
4. Robustness, Security, and Vulnerability Considerations
RNG security is governed by both physical/algorithmic unpredictability and system-level engineering against side-channel and supply-chain attacks.
- Robustness to Environmental Variations:
  - APD-based QRNGs and sMTJ-based RNGs employ bias-tracking and adaptive digitization architectures to mitigate slow drifts in intensity, temperature, or device parameters, automatically adjusting decision thresholds to maintain unbiased output across wide process-voltage-temperature corners (Wang et al., 2015, Zahoor et al., 7 Jul 2025).
  - 5G-SRNG designs and chaotic nanoresonator RNGs exploit environmental randomness (RF spectral entropy, non-deterministic multiuser phenomena) but require fallback strategies in silence or adversarial jamming scenarios (Catak et al., 2023, Madiot et al., 2022).
- Attack Surface and Vulnerabilities:
  - Improper seed management (e.g., system time or fixed seeds) in PRNGs enables brute-force attacks, cryptanalytic reconstruction of RNG state, and a broader class of "randomness-based attacks" against ML pipelines, cryptographic protocols, or Bluetooth pairing (Prabhu et al., 9 Feb 2026, Tillmanns et al., 2020).
  - Supply-chain and dependency attacks, such as backdoored PRNG modules, have been documented; lack of statistical auditing in major ML and cryptographic libraries remains a persistent vector (Prabhu et al., 9 Feb 2026, Tillmanns et al., 2020).
- Best-Practice Mitigations:
  - Always seed PRNGs from high-entropy sources (OS CSPRNG, hardware TRNGs).
  - Enforce policy by runtime/static analysis layers (e.g., RNGGuard), injecting secure PRNGs and statistical audits via code instrumentation and call graph analysis at load-time (Prabhu et al., 9 Feb 2026).
  - Employ statistical goodness-of-fit tests (χ², KS) at both development and deployment stages, and adopt strict post-processing (NIST SP800-90/A conditioning, seed rotation) in firmware for cryptographically sensitive deployments (Foreman et al., 2024, Tillmanns et al., 2020, Zahoor et al., 7 Jul 2025).
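The seeding and goodness-of-fit mitigations above cover different failures, which the following added example (not code from the cited works) shows with a χ² byte-frequency health check. The function names, the 0.001 significance level, the Wilson-Hilferty approximation for the critical value, and the stuck-bit source are assumptions chosen for illustration.

```python
import math
import random
import secrets
from collections import Counter

def chi2_critical(df, z=3.0902):
    """Wilson-Hilferty approximation of the chi-square quantile (z=3.0902 ~ alpha 0.001)."""
    t = 2.0 / (9.0 * df)
    return df * (1.0 - t + z * math.sqrt(t)) ** 3

def chi2_bytes(data):
    """Pearson chi-square statistic of byte frequencies against uniform over 256 values."""
    expected = len(data) / 256.0
    counts = Counter(data)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))

def health_check(data):
    """Return (statistic, passed) for a byte-frequency goodness-of-fit check."""
    stat = chi2_bytes(data)
    return stat, stat <= chi2_critical(255)

def mt_bytes(seed, n):
    """Weak pattern: Mersenne Twister output from a caller-chosen (guessable) seed."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))

def stuck_bit_bytes(n):
    """Constructed defective source: the top bit of every byte is stuck at 0."""
    return bytes(b & 0x7F for b in secrets.token_bytes(n))

if __name__ == "__main__":
    n = 65536
    samples = {
        "OS CSPRNG (secrets)": secrets.token_bytes(n),
        "MT, fixed seed 42": mt_bytes(42, n),
        "stuck top bit": stuck_bit_bytes(n),
    }
    print(f"critical value (df=255): {chi2_critical(255):.1f}")
    for name, data in samples.items():
        stat, ok = health_check(data)
        print(f"{name:20s} chi2={stat:10.1f} pass={ok}")
    # Same seed, same stream: statistical quality says nothing about predictability.
    print("fixed-seed stream reproducible:", mt_bytes(42, 32) == mt_bytes(42, 32))
```

The check flags the stuck-bit source but not the fixed-seed generator, whose output is statistically clean and fully reproducible; goodness-of-fit tests complement seeding from the OS CSPRNG and do not replace it.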
5. RNGs in High-Performance and Embedded Systems
Efficient RNG deployment in compute-intensive and embedded environments requires careful co-design with pipeline, memory, and instruction-level parallelism.
- Performance Modeling for RNG in ML Workloads:
  - In LLMs and Transformers, RNG (e.g., Philox in Flash-Attention dropout) can become a throughput bottleneck. Profiling and performance modeling demonstrate instruction-issue and ALU bottlenecks, limiting overlap with attention/matmul unless hardware resources are decoupled via multi-stream execution (Ma et al., 2024).
  - Overlapping RNG generation with GEMM layers yields measured speedups up to 1.23× for Llama2 on GH100, with model-predicted optimality depending on workload and hardware configuration (Ma et al., 2024).
- Hardware and Embedded Adaptations:
  - Adaptive architectures, such as LPF-tracked digitizers combined with resource-minimal post-processors (e.g., Mini-Trivium), dramatically improve robustness to device/process variation and reduce area/power overhead (Zahoor et al., 7 Jul 2025).
  - RNG blocks in Bluetooth and 5G devices now include dedicated on-chip entropy sources and, for multi-stream deployments, block-splitting techniques (mathematical jump-ahead, parallel SEED management) for up to 4 independent pseudorandom streams (Barash et al., 2013, Tillmanns et al., 2020, Catak et al., 2023).
6. Advanced RNG Applications: Simulation, ML, Cryptography, and Beyond
- Monte Carlo and High-Dimensional Simulation:
  - RNGs satisfying mixing criteria (K-systems) are required to avoid hidden correlations in high-precision statistical physics, Bayesian computations, and quantum simulation. Decimation (output skipping) based on Lyapunov exponent analysis ensures sufficient statistical separation (James et al., 2019).
  - RNGSSELIB and state-of-the-art libraries offer vectorized, SIMD-optimized RNG kernels and full support for reproducible parallel substreams in large-scale simulation (Barash et al., 2013).
- ML, Adversarial Robustness, Differential Privacy:
  - RNGs underpin regularization (dropout), weight initialization, data augmentation, and cryptographically secure DP noise. Flawed or predictable seeds, as detected in prominent ML frameworks, have been exploited for data exfiltration and integrity attacks. Secure design mandates high-entropy OS/hardware seeds, runtime enforcement, and on-the-fly statistical auditing (Prabhu et al., 9 Feb 2026).
- Cryptographic Protocols:
  - Keys, nonces, and protocol randomness require both forward secrecy and guaranteed unpredictability under adversarial scrutiny. Modern best practice includes hardware-backed entropy sources, hardware-based and quantum RNGs, NIST-certified extractors, and continual statistical health checks (Tsurumaru et al., 2019, Stipcevic, 2011).
- Emerging Analog and Physical-Domain Sources:
  - Exploiting environmental randomness (5G spectrum), chaos in nanoresonators, or optically controlled bistabilities offers paths to high-throughput, low-power, and physically unclonable RNG implementations for future secure IoT, photonic, and neuromorphic systems (Catak et al., 2023, Madiot et al., 2022, Mukhamedyanov et al., 25 Nov 2025, Cardwell et al., 2022).
7. Evaluation Metrics and Trade-Offs
RNG evaluation integrates statistical analysis with throughput, energy, physical area, composable security, and resilience to environment and attack.
| Generator Type | Throughput | Energy/bit | Security | NIST/Diehard Pass | Hardware Cost |
|---|---|---|---|---|---|
| MTJ-based SOT (Maicke et al., 2023) | 37 Mb/s/dev | 0.15 pJ | True/Physical | Yes, uniform/exp dist | Nanoscale CMOS |
| APD-based Quantum (Wang et al., 2015) | 0.69 Mb/s | n/a | Quantum/IT | All tests; 5 pass | Si/CMOS/III-V |
| sMTJ (adaptive) (Zahoor et al., 7 Jul 2025) | 2.4 Mb/s | n/a | Physical | All 16 NIST STS | 620 LUTs |
| High-luxury RANLUX++ (James et al., 2019) | 127–253 Mb/s | n/a | Provable mixing | BigCrush, Spectral | Standard CPU |
| 5G-SRNG (Catak et al., 2023) | 0.8 Mb/s | <1 μJ/32b | Physical/Env | All 15 NIST | Reuses RF/ADC |
| Bluetooth HRNG (Tillmanns et al., 2020) | 7 Mb/s | n/a | True HW | Dieharder, TestU01 | Integrated |
| Chaotic NEMS (Madiot et al., 2022) | 3.7 kb/s (per quad) | n/a | Physical | All NIST SP800-22 | On-chip NEMS |
| ML PRNG w/Guard (Prabhu et al., 9 Feb 2026) | 8+ Mb/s | n/a | CSPRNG–dep. | GoF dynamic verify | CPU, with overhead |
Trade-offs are highly application-dependent: cryptographic deployments favor information-theoretic (quantum) or hardware sources with minimal bias and highly vetted post-processing; high-throughput simulation prefers mixing property and empirical indistinguishability; embedded and distributed IoT devices prioritize PVT resilience and ultra-low hardware/power cost.
References:
- (Wang et al., 2015) Robust quantum random number generator based on avalanche photodiodes
- (Foreman et al., 2024) Statistical testing of random number generators and their improvement using randomness extraction
- (Ma et al., 2024) Reducing the Cost of Dropout in Flash-Attention by Hiding RNG with GEMM
- (Prabhu et al., 9 Feb 2026) One RNG to Rule Them All: How Randomness Becomes an Attack Vector in Machine Learning
- (Madiot et al., 2022) Random number generation with a chaotic electromechanical resonator
- (Catak et al., 2023) 5G-SRNG: 5G Spectrogram-based Random Number Generation for Devices with Low Entropy Sources
- (Mukhamedyanov et al., 25 Nov 2025) All-Optical Brillouin Random number Generator
- (Wu et al., 2016) Random number generation with cosmic photons
- (Cardwell et al., 2022) Probabilistic Neural Circuits leveraging AI-Enhanced Codesign for Random Number Generation
- (Tillmanns et al., 2020) Firmware Insider: Bluetooth Randomness is Mostly Random
- (Tsurumaru et al., 2019) Secure random number generation from parity symmetric radiations
- (Stipcevic, 2011) Quantum random number generators and their use in cryptography
- (Zahoor et al., 7 Jul 2025) Adaptive Variation-Resilient Random Number Generator for Embedded Encryption
- (Maicke et al., 2023) Magnetic Tunnel Junction Random Number Generators Applied to Dynamically Tuned Probability Trees Driven by Spin Orbit Torque
- (Barash et al., 2013) RNGSSELIB: Program library for random number generation. More generators, parallel streams of random numbers and Fortran compatibility
- (James et al., 2019) Review of High-Quality Random Number Generators
- (Fan et al., 2024) RNG: Relightable Neural Gaussians