Abstract

In many applications, where the quality of unpredictability is crucial, such encryption, Monte Carlo simulations, and
gaming, random number generation is essential. The categorization of random number generators (RNGs) into true
random number generators (TRNGs) and pseudorandom number generators (PRNGs) is examined in this literature
study. TRNGs provide true unpredictability at a greater cost by utilizing physical processes such as radioactive
decay or air noise. PRNGs, on the other hand, employ algorithms and, despite their periodic nature, provide
affordable solutions. Statistical and visual methods are used to evaluate the efficacy of RNGs.

Opportunistic random number generation is a unique technique that makes use of the inherent unpredictability found
in dynamic real-world data sources, such as network traffic. By increasing entropy through the unpredictable nature
of network activity, this technique improves RNGs. Several methods are investigated for producing opportunistic
random numbers from network traffic, such as hardware-based solutions, statistical methods, and entropy collection
systems. The paper addresses real-world uses of opportunistic random number generators (RNGs) in areas including
gaming, blockchain, biometric token creation, encryption, simulation, and modeling. All things considered,
opportunistic random number generators (ORNGs) offer a useful way to produce high-quality random numbers that
have applications in a variety of sectors and improve security, unpredictability, and realism in a range of computer
operations.

Introduction
A random number is a number created from a huge set of numbers or by a mathematical algorithm that assigns an
equal chance to the occurrence of all numbers in a defined distribution [1]. The main property of a random number
sequence is its independence, which means it maintains randomness and unpredictability between any two
consecutive numbers [1]. Furthermore, it is also guaranteed that the frequency of these random numbers will be
substantially equal. These numbers are generally produced with the help of random number generators, which can
be software or hardware based. The techniques for generating random numbers frequently rely on predetermined
algorithms, and their reliability is dependent on their initial seed values.

Random number generation plays a vital role in many areas like cryptography , Monte Carlo computation and
simulation, gambling, secured communication, or any fields where it's preferable to have random, unpredictable
numbers [1, 4, 5]. If the quality of these generators is high, it will be extremely tough to break into the system.
Examples of such algorithms are AES, RSA and ECC. Random numbers are largely used in cryptography to
generate session keys, signature parameters, ephemeral keys (DSA, ECDSA) or various password generators [1]. In
the field of cryptography, secret keys must follow the laws of randomness, meaning they should be completely
unpredictable and random [5].

Random numbers are classed as true random numbers and pseudorandom numbers. Programming based on
deterministic calculation is used to create random number generators; however, as the output can be anticipated if all
seed values are known, this is not truly considered true randomness and is instead referred to as pseudorandom
number generation [5]. Computer applications or programs that use true randomness are games like bingo, card
games, or lottery.

Types of Random Number Generator

Random number generators can be classified as true random number generators (TRNGs) and pseudorandom
number generators (PRNGs). Furthermore, we can classify true random number generators into four categories as
noise based RNGs, free running oscillators (FRO) RNGs, chaos RNGs, and quantum RNGs, and pseudorandom
number generators into two categories as RNGs based on linear recurrences, such as LCG and LFSR, and
cryptographic PRNGs [4]. The classification of RNGs is illustrated below in Figure 1.
 Fig 1: Classification of Random Number Generator

The key difference between TRNGs and PRNGs is that TRNGs produce random numbers using unexpected physical
medium (such as noise) whereas PRNGs employ mathematical algorithms (totally computer-generated).

PRNGs use algorithms or pre-calculated tables to simulate randomness, although they are essentially predictable and
may be predicted using statistical analysis. TRNGs use natural processes such as radioactive decay or air noise to
provide random outputs. TRNGs, despite providing real randomness, are less cost-effective and more susceptible to
wear and tear [6].

PRNGs are popular among online casinos due to their low cost, repeatability of sequences, and periodicity, which
allows control boards to check them more easily. Pseudo-RNGs can generate seemingly random sequences, but their
periodic nature makes them predictable over time. However, without understanding the underlying techniques,
repeating the same sequence becomes incredibly difficult. True random number generators, while providing true
unpredictability, are less practical due to their increased cost and vulnerability to natural entropy [6]. Finally, the
decision between pseudo-RNGs and true-RNGs is determined by the application's unique requirements and
priorities, such as online gambling.

To check the effectiveness or analysis the RNGs, there are techniques which exists:

 Visual Analysis: We can make a large bitmap image based on the numbers generated by RNGs and check
for any repetition or pattern. If you find less similarity, then the RNG is good. Below figure is the visual
comparison between Random.org algorithm and PHP rand() function generated by Bo Allen in April 2008
[7].

Fig 2: Bitmap Image of the number generated.

  Statistical Analysis: In 2005, Charmaine Kenny, a final year student at Trinity College Dublin,
recommended the list of tests from the NIST suite for use on RANDOM.ORG [7]:

o Frequency Test: Monobit

o Frequency Test: Block

o Runs Test

o Test for the Longest Runs of Ones in a Block

o Binary Matrix Rank Test

o Discrete Fourier Transform (Spectral Test)

o Non-Overlapping Template Matching Test

o Overlapping Template Matching Test

o Maurer's Universal Statistical Test

o Linear Complexity Test

o Serial Test

o Approximate Entropy Test

o Cumulative Sums Test

o Random Excursions Test

o Random Excursions Variant Test

Opportunistic Random Number Generation

In the fields of cryptography and computational randomness, opportunistic random number generation is a novel
method where random numbers are generated from opportunistic sources, namely the inherent unpredictability
found in various system elements. Utilizing dynamic, real-world data sources, opportunistic random number
generation augments the unpredictability and entropy of the generated random numbers, as opposed to depending
exclusively on deterministic algorithms or specialized hardware generators.
The exchange of information and data among devices in a network is known as network traffic, and it is naturally
unpredictable because of the variety of user behaviors, varying workloads, and outside influences on the network
infrastructure. Opportunistic random number generation from network traffic will provide a contextually rich,
dynamic, and entropy-enhanced method of generating random numbers. It is important because it may be used to
increase the security of cryptographic systems by utilizing the natural randomness that is present in network activity
that is dynamic.

The suitability of an RNG for opportunistic random number generation depends on the specific requirements of the
application and the nature of the network. There are some RNGs and methods that can be considered for
opportunistic random number generation from network traffic:
1. Entropy Gathering Mechanisms: Two Linux Pseudo-Random Number Generators (LRNGs), dev/random
and /dev/urandom, are kernel-based entropy sources on Linux systems. They can be used to gather entropy
from various system events, including network activity [9]. Also, there is Fortuna that collect entropy from
unpredictable network events to seed its PRNG, enhances the randomness for secure applications.
 2. Statistical Approaches: To extract randomness from network traffic, cryptographic hash methods like
SHA-256 are utilized [2]. The unpredictability of hash functions can help to generate random numbers. It
has been explored that statistical data such as packet arrival times, inter-packet gaps, or payload data
statistics can be used to extract randomness [7].
3. Hardware-based Solutions: Certain hardware-based RNGs integrated into network interface cards
can derive entropy from physical processes occurring within the NIC. Using a Network Interface Card
(NIC) as a source of entropy for a RNG involves extracting random or unpredictable data from the network
traffic handled by the NIC. This will improve the randomness obtained from network traffic.

Practical Applications of Opportunistic RNG

Network traffic may be used to generate opportunistic random numbers, which has potential uses in many different
fields. It is useful in situations where high-quality random numbers are necessary because it can capture the intrinsic
unpredictability of dynamic network operations. Some of the application of opportunistic RNG in diverse domains
are:
 Cryptography and Security: Opportunistic RNG will enhance the security of cryptographic system in
generating of cryptographic keys as the unpredictability of network traffic patterns adds an additional layer
of randomness to key material, making it more resistant to cryptographic attacks [2]. Also, the dynamic
nature of network traffic helps in generating nonces that are very difficult for attackers to predict or reuse.
 Secure Communication Protocols: Random numbers generated from network traffic will play a major
role in establishing secure session keys during communication. This is especially crucial for secure
communication protocols, like SSL/TLS, which safeguard online transactions. Also, these RNGs will
provide a source of randomness for generating IVs which are so important in the encryption algorithms,
like AES, to security of encrypted data.
 Games and Entertainment: Video games and other interactive entertainment often require random
numbers for various purposes, such as generating game scenarios or outcomes and these RNGs can
introduce an element of unpredictability that will enhance the gaming experience [4].
 Blockchain and Cryptocurrencies: In blockchain networks, opportunistic RNGs can contribute to the
randomness which is required for mining and consensus algorithms [2]. This will enhance the security and
unpredictability of block creation and verification processes.
 Biometric Token Generation: Random numbers generated by these RNGs can help to create safe and
unexpected tokens in biometric authentication systems when tokens are used to represent biometric
attributes. This strengthens biometric authentication's security [10].
 Simulation and Modeling: Random numbers are frequently needed for simulations in a variety of
disciplines, including physics, engineering, and finance. To achieve more realistic modeling in Monte Carlo
simulations, opportunistic RNGs can provide a realistic source of randomness that may be utilized to
capitalize on the unpredictable nature of network traffic.

Conclusion

In conclusion, random number generation is critical in many disciplines, including cryptography, gaming, secure
communication, and simulations. Systems that depend on random numerical sequences for security and efficacy are
greatly impacted by the quality and dependability of random number generators (RNGs).

The fundamental workings of pseudorandom number generators (PRNGs) and true random number generators
(TRNGs) differ from one another. To provide true unpredictability, TRNGs draw their randomness from physical
processes like ambient noise. However, because PRNGs use algorithms, knowing the seed values makes them
predictable and deterministic. While TRNGs give genuine randomness at the tradeoff of greater cost and sensitivity
to outside forces, PRNGs are more extensively used and cost-effective.

Numerous methods are used in the evaluation of RNGs, including as statistical and visual examination. Using
produced numbers as a basis, bitmap pictures are created for visual study, where differences signify more
unpredictability. In statistical analysis, the unpredictability and reliability of RNG outputs are evaluated by running a
series of tests on them, including frequency tests, runs tests, and entropy tests.

Opportunistic random number generation is a unique method to produce random number that makes use of the
inherent unpredictability in many aspects of the system, especially from network traffic. The produced numbers
exhibit contextually rich unpredictability and entropy due to the dynamic nature of network activities. This approach
presents a viable way to improve the unpredictability and security of communication protocols, cryptographic
systems, and other applications that need high-quality random numbers.

Opportunistic random number generation can be implemented in several ways, such as hardware-based solutions
embedded into network interface cards, statistical techniques employing cryptographic hash methods, and entropy
collection from system events. By removing entropy from dynamic network processes, each method adds to the
unpredictable nature of the numbers produced.

Opportunistic RNG has a wide range of real-world applications, which emphasizes their applicability and potential
influence. Opportunistic RNG improves the production of cryptographic keys and nonces in cryptography and
security by introducing an additional degree of unpredictability to deter possible assaults. The technique is essential
for creating initialization vectors (IVs) for encryption algorithms and for establishing secure session keys in secure
communication protocols. Beyond security, opportunistic random number generators are used in blockchain,
biometric authentication, games, and simulations. They improve unpredictability and realism in a variety of
contexts.

Finally, opportunistic RNG presents a potential new paradigm by using the intrinsic unpredictability of dynamic
system components, especially network traffic. Its adaptability and promise to enhance the security, dependability,
and realism of systems that rely on random number generation are demonstrated by its applications across several
disciplines. The investigation and creation of novel RNG techniques, such as opportunistic strategies, will probably
be crucial in meeting the various needs of modern applications as technology develops further.

References
[1] Priyanka, Hussain, Imran & Khalique, Aqeel. (2019). Random Number Generators and their
Applications: A Review. 7. 1777-1781.
[2] Schneier, B. Applied Cryptography. John Wiley & Sons, 2nd Edition, 1996.
[3] Eastlake, D., Schiller, J., and Crocker, S. Randomness Requirements for Security. RFC 4086, June
2005.
[4] Stipčević, Mario & Koç, Çetin. (2014). True Random Number Generators. 10.1007/978-3-319-10683-
0_12.
[5] What is a Random Number? - Definition from Techopedia,
https://www.techopedia.com/definition/31706/random-number, last accessed on 21/01/2024.
[6] Pandya, Samir. (2019). Re: Difference between TRNG or PRNG? . Retrieved from:
https://www.researchgate.net/post/Difference_between_TRNG_or_PRNG/5c7ceaed11ec738ea427fb5f/
citation/download, last accessed on 21/01/2024.
[7] Random.org, https://www.random.org, last accessed 21/01/2024.
[8] The Distributed Systems Group, Computer Science Department, TCD,
https://www.random.org/analysis/Analysis2005.pdf, last accessed 2024/01/20.
[9] Z. Gutterman, B. Pinkas, and T. Reinman, “Analysis of the linux random number generator,” 2006
IEEE Symposium on Security and Privacy (S&P’06), 2006. doi:10.1109/sp.2006.5.
[10] Dinca, L. M., & Hancke, G. (2017). User-Centric Key Entropy: Study of Biometric Key Derivation
Subject to Spoofing Attacks. Entropy, 19(2), 70. https://doi.org/10.3390/e19020070.