Intro Hi everyone! Oftentimes, when programming things that are supposed to be secure, we hear stuff about only using Cryptographically Secure PRNGs (CSPRNGs), and not just any old random-number generating function such as Python’s random module or PHP’s mt_rand. Today, we’re going to open the black box, understand how a PRNG (Pseudo-Random Number Generator) works, and find out whether this is truly something to be concerned about (spoiler: as you can guess from the title, it is). Why am I doing this in Go? I wanted to use Go for a really long time, and never had the chance to work on a project involving Go, and this is a good opportunity :) Without further ado, let’s get started! What even is a PRNG? We all have some notion of what randomness means. For example, rolling dice is considered random, because the outcome is not known in advance: the probability distribution of all outcomes is uniform. But how can we generate random numbers in the digital world? For example to give users a secret token, or to run some simulation? Random Number Generation on the computer can be split into two types: Hardware Random Number Generators (HRNGs), which rely on external factors, such as the physical environments, or entropy from the operating system (for example how many mouse clicks happened in the last minute) PseudoRandom Number Generators (PRNGs) which rely on an internal state to generate numbers. The numbers they generate still distribute uniformly, but because they rely on an internal state, the sequence of generated numbers is predefined In the next section, we’re going to implement one of the most common PRNGs used today, and after that see how we can crack it. How Do We Make One? The PRNG we are going to talk about today is called the Mersenne Twister (MT for short). It was invented in 1997 by Makoto Matsumoto and Takauji Nishimura, and has since become the default PRNG in many programming languages: for example, the mt is PHP’s mt_rand stands for Mersenne Twister. Python (random module) and JS Math.random() also use it for random number generation. To generate random numbers, the MT maintains an internal state composed of 624 word-sized integers (i.e. if we are generating uint32s, each element in the internal state is a uint32). We represent it in Go using the following structure: