Random Number Generation: True Random vs Pseudo-Random Explained (2026)

What Is Randomness?

A truly random number is one that cannot be predicted, even in principle, given complete knowledge of every prior event. It has no pattern, no bias, and no reproducibility. In practice, this kind of randomness requires a physical source of unpredictability — and that turns out to be surprisingly difficult to achieve with a computer.

Most of what we call “random” in everyday computing is actually pseudo-random: sequences generated by deterministic algorithms that look statistically random but are not. Given the same starting point, they produce the exact same numbers every time.

That distinction matters more than most people realize.

How Computers Generate Pseudo-Random Numbers

A pseudo-random number generator (PRNG) is an algorithm that takes a starting value (the seed) and applies a mathematical transformation to produce a sequence of numbers that passes statistical tests for randomness. The sequence appears unpredictable, but it’s entirely deterministic.

Linear Congruential Generator (LCG)

The simplest and oldest PRNG. Each number is generated by the formula:

X(n+1) = (a × X(n) + c) mod m

Where a, c, and m are constants, and X(0) is the seed. LCGs are fast and simple but have short periods (they repeat after m numbers at most) and fail many statistical randomness tests. They were common in early video games and spreadsheets. Not suitable for security.

Mersenne Twister

Developed by Makoto Matsumoto and Takuji Nishimura in 1997, the Mersenne Twister is the most widely used PRNG in the world. Its period is 2¹⁹⁹³⁷−1 — a number with over 6,000 digits. You would need to generate numbers faster than the age of the universe to cycle through it completely. According to the original paper (Matsumoto & Nishimura, 1998), it passes virtually all standard statistical tests for randomness.

Python’s random module, Ruby’s built-in rand, PHP’s mt_rand, and many statistical packages all use the Mersenne Twister. It’s fast, has excellent statistical properties, and a very long period.

But it’s not cryptographically secure. If an attacker observes 624 consecutive outputs, they can reconstruct the entire internal state and predict every future number.

True Random Number Generators (TRNGs)

True random number generators harvest entropy from unpredictable physical processes. No algorithm is involved in the randomness itself.

Hardware-Based TRNGs

Modern CPUs include hardware random number generators that sample thermal noise, electrical noise on circuits, or timing jitter. Intel’s RDRAND instruction and AMD’s equivalent read from an on-chip noise source. Operating systems expose this via /dev/random (Linux), CryptGenRandom (Windows), or SecRandomCopyBytes (macOS/iOS).

Atmospheric Noise

Random.org, operated by Mads Haahr at Trinity College Dublin, generates random numbers by measuring atmospheric radio noise — the electromagnetic interference from lightning, solar activity, and other natural phenomena. According to Random.org’s published statistics, the service generates approximately 5.5 million random bytes per day. The randomness is verified against NIST statistical test suites continuously.

Quantum Random Number Generators

Quantum mechanics is fundamentally random at the particle level — the outcome of a quantum measurement cannot be predicted even in principle. Quantum RNGs exploit this by measuring photon arrival times, quantum vacuum fluctuations, or photon path decisions at a beamsplitter. A 2021 study in Physical Review Letters demonstrated quantum RNG at speeds exceeding 250 Gbps— the fastest verified quantum RNG at the time of publication. Commercial quantum RNG chips are now available for high-security applications.

Cryptographically Secure PRNGs (CSPRNGs)

For security applications, you don’t necessarily need true random numbers — you need numbers that are computationally unpredictable. A CSPRNG is a PRNG that meets this higher bar: even if an attacker observes any number of outputs, they cannot predict future outputs or reconstruct prior ones.

According to NIST SP 800-90A (the federal standard for random number generation), CSPRNGs are required for cryptographic key generation, token creation, nonce generation, and any other security-critical application. The Mersenne Twister explicitly does not meet this standard.

Common CSPRNGs include:

• ChaCha20: Used in Linux’s kernel CSPRNG since 2022
• Fortuna: Used in macOS and iOS
• CTR_DRBG: NIST-approved, widely used in enterprise software

In practice: use secrets in Python (not random), crypto.randomBytes() in Node.js, or SecureRandom in Java for anything security-sensitive.

Why Randomness Matters

Cryptography

Weak randomness has caused real-world security failures. In 2012, researchers discovered that millions of RSA keys shared common factors — caused by poor entropy at key generation time, often on embedded devices booting for the first time. If two devices generate keys using overlapping pseudo-random states, an attacker can factor both private keys using basic arithmetic. The entire security of RSA depends on the attacker not being able to predict the prime numbers used.

Simulations and Modeling

Monte Carlo simulations use random numbers to model complex systems — financial risk, weather patterns, particle physics, drug interactions. The Mersenne Twister is ideal here: its extremely long period prevents correlations across billions of samples, and its reproducibility (via seeding) lets researchers replicate results exactly.

Lotteries and Games of Chance

The US Powerball lottery uses a dual-drum mechanical draw from 69 white balls and 26 red balls — a physical TRNG. The odds of winning the jackpot are 1 in 292,201,338, per official Powerball rules. Online lotteries and casinos use certified CSPRNGs audited by independent testing labs (GLI, BMM, eCOGRA) to verify fairness.

Statistical Sampling

Surveys, clinical trials, and A/B tests require random sampling to produce unbiased results. A PRNG seeded with a fixed value works well here — you get a reproducible sample (important for auditing) that is statistically random enough for valid inference.

Practical Use Cases at a Glance

How to Generate Random Numbers in Excel and Google Sheets

Both spreadsheet platforms have built-in random number functions that recalculate every time the sheet updates.

Excel

• RAND() — Returns a random decimal between 0 and 1 (e.g., 0.4823). To scale it, multiply: =RAND()*100 gives 0–100.
• RANDBETWEEN(bottom, top) — Returns a random integer in the range. =RANDBETWEEN(1,6) simulates a die roll.

To prevent recalculation and lock in a value: select the cell, press F9, then Enter. Or copy and Paste Special → Values.

Google Sheets

The functions are identical: RAND() and RANDBETWEEN(low, high). To freeze a value, copy the cell and use Edit → Paste Special → Paste values only.

Both use the application’s internal PRNG — fine for casual use, not appropriate for cryptographic purposes.

Picking Random Items from a List

Need to pick a random name from a list? Several approaches work:

• In Excel/Sheets: Add a helper column with =RAND() next to your list, then sort by that column. The result is a random shuffle.
• In Python: random.choice(my_list) picks one item; random.sample(my_list, k) picks k items without replacement.
• For fair giveaways: Assign each entrant a number, then use our Random Number Generator to pick the winner. Screenshot the result for transparency.

Common Misconceptions About Randomness

The Gambler’s Fallacy

After flipping heads 10 times in a row, people feel tails is “due.” It isn’t. Each flip is independent. A fair coin has a 50% chance of heads on flip 11 regardless of what happened before. Random sequences have no memory.

“That looks too random”

Humans are bad at recognizing truly random sequences. We expect them to be more evenly spread than they actually are. In a random sequence of 100 coin flips, you should expect a run of 6 or 7 heads in a row. That’s not a pattern — it’s what randomness actually looks like.

“My lottery numbers are lucky”

Choosing 1, 2, 3, 4, 5, 6 has exactly the same probability of winning as any other combination. About 10,000 people typically play this combination per draw, so if it won, the jackpot would be split 10,000 ways. Statistically, popular numbers are worse to play — not because they’re less likely to be drawn, but because more people play them.

Frequently Asked Questions

What is the difference between true random and pseudo-random numbers?

True random numbers come from unpredictable physical processes — atmospheric noise, radioactive decay, or quantum events. Pseudo-random numbers are generated by a deterministic algorithm that produces sequences appearing random but are fully reproducible if you know the starting seed. For most everyday uses, pseudo-random is perfectly fine. For cryptography, you need a cryptographically secure source.

Are computer random numbers truly random?

No. Most programming languages use pseudo-random number generators (PRNGs) — deterministic algorithms that produce number sequences that look random. Python’s random module and most standard libraries use the Mersenne Twister, which is not cryptographically secure. For security applications, use secrets in Python, crypto.randomBytes() in Node.js, or similar CSPRNG functions.

How do I pick a random number between 1 and 10?

Use our Random Number Generator — enter 1 as the minimum and 10 as the maximum, then click generate. In Excel or Google Sheets, use =RANDBETWEEN(1,10). In Python, use random.randint(1, 10).

How do I generate a random number in Excel?

Excel has two functions: RAND() returns a decimal between 0 and 1, and RANDBETWEEN(bottom, top) returns a whole number in a range. Use =RANDBETWEEN(1,100)for a random integer from 1 to 100. Both recalculate every time the spreadsheet updates — press F9 or paste as values to lock in a result.

What is a random number seed?

A seed is the starting value fed into a PRNG algorithm. Given the same seed, a PRNG always produces the same sequence of numbers. This is useful in simulations and testing where you want reproducible results. For example, random.seed(42)in Python always generates the same sequence. True random number generators have no seed — they draw from physical entropy.

Are random number generators fair for giveaways?

A properly implemented RNG is perfectly fair — each entry has an equal probability of selection. For verifiable fairness, use a true RNG (hardware-based or atmospheric noise source) and publish the methodology so participants can verify the draw wasn’t manipulated. Our Random Number Generatoruses the browser’s built-in cryptographically secure random source.