How random is JavaScript's Math.random?

2020-01-24 11:39发布

问题:

For 6 years I've had a random number generator page on my website. For a long time, it was the first or second result on Google for "random number generator" and has been used to decide dozens, if not hundreds of contests and drawings on discussion forums and blogs (I know because I see the referrers in my web logs and usually go take a look).

Today, someone emailed me to tell me it may not be as random as I thought. She tried generating very large random numbers (e.g., between 1 and 10000000000000000000) and found that they were almost always the same number of digits. Indeed, I wrapped the function in a loop so I could generate thousands of numbers and sure enough, for very large numbers, the variation was only about 2 orders of magnitude.

Why?

Here is the looping version, so you can try it out for yourself:

http://andrew.hedges.name/experiments/random/randomness.html

It includes both a straightforward implementation taken from the Mozilla Developer Network and some code from 1997 that I swiped off a web page that no longer exists (Paul Houle's "Central Randomizer 1.3"). View source to see how each method works.

I've read here and elsewhere about Mersenne Twister. What I'm interested in is why there wouldn't be greater variation in the results from JavaScript's built-in Math.random function. Thanks!

回答1:

Given numbers between 1 and 100.

  • 9 have 1 digit (1-9)
  • 90 have 2 digits (10-99)
  • 1 has 3 digits (100)

Given numbers between 1 and 1000.

  • 9 have 1 digit
  • 90 have 2 digits
  • 900 have 3 digits
  • 1 has 4 digits

and so on.

So if you select some at random, then that vast majority of selected numbers will have the same number of digits, because the vast majority of possible values have the same number of digits.



回答2:

Your results are actually expected. If the random numbers are uniformly distributed in a range 1 to 10^n, then you would expect about 9/10 of the numbers to have n digits, and a further 9/100 to have n-1 digits.



回答3:

There different types of randomness. Math.random gives you an uniform distribution of numbers.

If you want different orders of magnitude, I would suggest using an exponential function to create what's called a power law distribution:

function random_powerlaw(mini, maxi) {
    return Math.ceil(Math.exp(Math.random()*(Math.log(maxi)-Math.log(mini)))*mini)
}

This function should give you roughly the same number of 1-digit numbers as 2-digit numbers and as 3-digit numbers.

There are also other distributions for random numbers like the normal distribution (also called Gaussian distribution).



回答4:

Looks perfectly random to me! (Hint: It's browser dependent.)

Personally, I think my implementation would be better, although I stole it off from XKCD, who should ALWAYS be acknowledged:

function random() {
  return 4; // Chosen by a fair dice throw. Guaranteed to be random.
}


回答5:

The following paper explains how math.random() in major Web browsers is (un)secure: "Temporary user tracking in major browsers and Cross-domain information leakage and attacks" by Amid Klein (2008). It's no stronger than typical Java or Windows built-in PRNG functions.

On the other hand, implementing SFMT of the period 2^19937-1 requires 2496 bytes of the internal state maintained for each PRNG sequence. Some people may consider this as unforgivable cost.



回答6:

If you use a number like 10000000000000000000 you're going beyond the accuracy of the datatype Javascript is using. Note that all the numbers generated end in "00".



回答7:

I tried JS pseudorandom number generator on Chaos Game.

My Sierpiński triangle says its pretty random:



回答8:

Well, if you are generating numbers up to, say, 1e6, you will hopefully get all numbers with approximately equal probability. That also means that you only have a one in ten chance of getting a number with one digit less. A one in a hundred chance of getting two digits less, etc. I doubt you will see much difference when using another RNG, because you have a uniform distribution across the numbers, not their logarithm.



回答9:

Non-random numbers uniformly distributed from 1 to N have the same property. Note that (in some sense) it's a matter of precision. A uniform distribution on 0-99 (as integers) does have 90% of its numbers having two digits. A uniform distribution on 0-999999 has 905 of its numbers having five digits.

Any set of numbers (under some not too restrictive conditions) has a density. When someone want to discuss "random" numbers, the density of these numbers should be specified (as noted above.) A common density is the uniform density. There are others: the exponential density, the normal density, etc. One must choose which density is relevant before proposing a random number generator. Also, numbers coming from one density can often be easily transformed to another density by carious means.