The German Federal Office for Information Security (BSI) has established

criteria for quality random number generator (rng):

- A sequence of random numbers has a high probability of containing no identical consecutive elements.
- A sequence of numbers which is indistinguishable from true random’ numbers (tested using statistical tests.
- It should be impossible to calculate, or guess, from any given sub-sequence, any previous or future values in the sequence.
- It should be impossible, for all practical purposes, for an attacker to calculate, or guess the values used in the random number algorithm.

Points 3 and 4 are crucial for many applications. Everytime you make a

phone call, contact to a wireless point, pay using your credit card random

numbers are used.

Designing a good random number generator is hard and as a general rule you should never try to. **R** comes with many good quality random generators. The default generator is the Mersenne-Twister. This rng has a huge period of (how many random numbers are generated before we have a repeat).

## Linear congruential generators

A linear congruential generator (lcg) is a relatively simple rng (popular in the 60’s and 70’s). It has a simple form of

where $latexr_0$ is the initial number, known as the *seed*, and \(a,b,m\) are the *multiplier*, *additive constant* and *modulo* respectively. The parameters are all integers.

The modulo operation means that at most different numbers can be generated

before the sequence must repeat – namely the integers . The

actual number of generated numbers is , called the *period* of

the generator.

The key to random number generators is in setting the parameters.

### RANDU

RANDU was a lcg with parameters and . Unfortunately this is a **spectacularly** bad choice of

parameters. On noting that , then

So

On expanding the square, we get

Note: all these calculations should be to the mod . So there is a large

correlation between the three points!

If compare randu to a standard rng (code in a gist)

It’s obvious that randu doesn’t produce good random numbers. Plotting , and in 3d

### Generating the graphics

The code is all in a gist and can be run via

devtools::source_gist("https://gist.github.com/csgillespie/0ba4bbd8da0d1264b124")

You can then get the 3d plot via

scatterplot3d::scatterplot3d(randu[,1], randu[,2], randu[,3],

angle=154)

## Interactive version

threejs::scatterplot3js(randu[,1], randu[,2], randu[,3])

Yeah, I ran across randu in code that was *written* in the early 1990s and still in use in 2014 at a certain large US defense contractor. All this even though the FORTRAN community had made it clear,in the early 1960s, that RANDU was not to be used. People just don’t learn.

Comment by Carl Witthoft — February 17, 2016 @ 5:51 pm

Wow, why on earth would anyone want to use it??

Comment by csgillespie — February 17, 2016 @ 7:24 pm

@csgillespie – because nobody is stodgier or less able to adjust to changes than a stack of engineers who grew up in the slide rule era and never saw a reason to change. Sad but true.

Comment by Carl Witthoft — February 18, 2016 @ 1:54 pm

Look up George Marsaglia and his DIEHARD battery of tests for RNG. They’ve been updated a bit since then but they form a solid basis for RNG testing.

Comment by Mark Ferguson — February 18, 2016 @ 1:06 am