If you love casino games and fancy yourself a gambler, you may already be familiar with the idea of a random number generator (or RNG). RNGs are what is responsible for you winning (or losing) the lottery, bingo, or that impressively-progressive jackpot.
This complex technology is behind every computer-based gambling game, both in brick and mortar and online casinos. They are required to follow extremely stringent calibration protocols to abide by security standards but does that mean that they are possible to hack?
What is a Random Number Generator?
A random number generator (RNG) is just the modern equivalent of rolling dice or shuffling cards. Nowadays, this form of randomization has been mathematically constructed into a computer algorithm that works to generate a set of random numbers that (should) be free of any pattern whatsoever.
When it comes to casino games, lotteries, raffles, and similar games, RNGs take the form of blocks of code buried in software that provides the “chance” in games of chance.
True RNGs (TRNGs) vs. Pseudo RNGs (PRNGs)
The RNGs of casino games and slot machines are actually not truly random, but rather “Pseudo” RNGs. The difference between the two is actually derived by the means by which the numbers are generated.
With TRNGs, number generation is typically a completely unpredictable physical phenomenon (such as radio or atmospheric noise), powered by entropy and only explainable through quantum mechanics. PRNGs, on the other hand, utilize a mathematical algorithm or are otherwise computer-generated.
The key difference is that with computer algorithms, all output could technically be predicted if all seed values were known. Hence… “pseudo”. As with anything involving mathematics, if there is an equation involved, then it is not really random at all.
Not quite so random
So, despite the slight misnomer of “random” number generator, the core idea remains that all output will appear random to anyone that does not know the equation or the algorithm. The truth is that most RNGs are not truly random.
By utilizing an equation to create randomized output, a person with knowledge of the formula could, in fact, predict the outcomes. It is this semi-randomness that actually allows computer-based RNGs to be vulnerable to hackers.
There is actually another reason for the RNG to be only semi-random. If it were truly random, the House might not be happy with the odds.
Balance for the house
For casinos, random is far too random. If the RNG was actually purely random, the game might award more winners than the house intends. In order to keep the house edge where it needs to be, algorithms are created with an engineered balance between randomness and player wins/awards/payouts.
Since casinos are businesses that need to turn a profit in order to stay in business, the RNGs must be programmed accordingly. This process of balancing the odds slightly in favor of the house, however, does open up a weak spot for a potential attack.
So, can an RNG be hacked?
Random Number Generators are quite complex. As you can see, they involve elaborate mathematical code that’s buried in software, covered by encryption, hidden in computers that are monitored by security cameras. Good luck.
You have to be an idiot if you think you can hack a Random Number Generator. Well, maybe, and maybe not. In fact, you really only need a tiny piece of information to hack (or crack) the code.
The key
Since RNGs are basically repeated calls to functions in order to generate “random” numbers, all you need is the key to the function. Like a cipher used to decode a secret message, knowing the critical “key” is what can allow you to hack the code.
Also known as a “seed,” this number is the initial integer that is inserted to the RNG that begins the entire operation. Once you’ve found the seed, the entire algorithm can be easily deciphered.
If a hacker can substitute a pseudo-random bit in a predictable way, the short answer is that the security of the RNG is completely compromised (and usually undetectable). But boy, is that easier said than done.
There are a few notable examples of successful RNG hacks out there by various means. Some attacks succeed by means of reverse engineering and some system hacks are accidental when flaws (or bugs) in the code inadvertently reveal the key to prying eyes.
Hack is wack
As you can see, it is completely possible to hack an RNG that’s based on a computer program like the ones used in casinos and online games. That’s not to say, however, that it is easy. These companies spend a pretty penny to make sure that their games are secure with extensive protocols installed.
Companies that utilize RNG software also employ a multitude of defensive strategies such as encryption, security hardware, stream ciphers, and changeable keys. Even expert hackers might struggle with the complexities of hacking this kind of software, thus making the possibility of an outside attack rather minimal.