Random

True random like coin toss.
Pseudoramdom like generated by a computer program.
Unpredictabale
Randomness versus Unpredictability

The only reasonable way for servers/unatended is Hardware True Random Number Generator.

Practical random for seeds will ideas for using what the computer has and human input without specialized hardware,

low bits of time
mouse chase

Coin toss is unpredictable and random (each toss 50-50). But would be VERY slow because 1 bit at time.see example in en.wikipedia.org/wiki/Entropy_(information_theory)#Definition for strick definition.
While perfect regards randomness, the number of tosses even for a seed is rediculous.


Dice As A Source

  Dice are unpredictable, but randomness decreases as the number of dice used increases.  A roll of one die is completely random; that is, the probability of any value occuring is equal to that of the other possibilities.  Two dice are much less random.  The lowest result, two, and the highest result, twelve, are six times less likely to occur than seven, with probability of the other possible results falling in between.  The spread of probabilities for three dice are worse.  A result of ten or eleven is twentyseven times more likely than three or twelve.   Dispite this I will use rolling three dice as a way to generate random seed values.  For additional information see en.wikipedia.org/wiki/Dice#Probability

  With three dice the possible values are three to eighteen.  That is sixteen possibilities.  Sixteen possible states can be represented exactly with four bits, and four bits is very convenient for building bytes.  It would be even more convenient if randomness could be improved without the need for additional rolls.  The graph to the right shows the probability for "a" roll of three dice.  If for "another" roll the actual sum is swapped for another sum with the "opposite" probability, then the bias will be cancelled out across the two rolls.  For example, if a three is rolled then it is recorded as a ten, or if an eight is rolled then it is recorded as a five.  Do not confuse this with two rolls and taking the overall sum.  That would be the equivalent of six dice, with 66, or 46656, possible cominations.  A single roll of three dice has 63, or 216, possible combinations; and two separate rolls 432 combinations.

Swap Pattern
"As Rolled" 3 Dice Sums 3456 78910 11121314 15161718
"Swapped" 3 Dice Sums 10987 6543 18171615 14131211
Sum of 3 Dice 3456 78910 11121314 15161718
Sum Occurances 13610 15212527 27252115 10631
"Swapped" Sum Occurances 27252115 10631 13610 15212527
2 Roll Occurance Sum 28282725 25272828 28282725 25272828
subtract 3 you have 0 to 15). But randomness is reduced because the results are very biased,

  Of course, if the four bits of a roll and the four bits of a "swapped" roll, where always combined to make a byte the same way, then the the resulting bytes would be biased.  A way to cure this is with one random bit per roll to determine if "as rolled" or "swapped" values will be used.  The time to shake the dice, roll, and enter the result is in the tens of seconds.  Whether the number of milliseconds when result entered is odd or even is random enough; and saves additional effort by the user.


NIST SP800-90 with enough throws entropy increases enough for unpredicatibly requirements SHA based PRNG to remove bias.

Cards As A Source

playing cards. To get unbiased numbers we can get 4 bits for each card.
52 in binary is 110100, by removing 4 cards we get 48 which in binary is 110000. That is six bits long but would leave unused gaps, introducing bias. Staying with 4 bits means less cards drawn for a given ammount of entropy then dice throws.
As cards are drawn, randomness decreases because drawing that card again is impossible untill the next suffle. Unpredicabilty does not decrease. During a card game cards are exposed where the opponent can see them. However, using cards for entropy the object is not to let opponent see wants going on. Randomness can be restored by reshuffling at random time. The kings are not used, so I suggest doing a reshuffle everytime a king is drawn. After experimenting with that method I found that with all four kings in the deck, I was doing a LOT of reshuffling. Removing two or three kings from the deck on average I'd get half way through the deck before a king appeared.

Details, getting four bits.
52 - 4 kings = 48
Four suits can be two bits
48 / 4 = 12
if we let three cards be the same binary value
12 / 3 = 4
4 is another two bits
Suit for Upper 2 bits
Diamond0000
Spade0100
Heart1000
Club1100
Logical OR with
card value for
lower 2 bits
A590000
26100001
37J0010
48Q0011
Gives 4 bits per card.


Mouse Chase As A Source