David Dias is a research engineer at Protocol Labs. He specializes in peer-to-peer networking and distributed systems.
Electricity, water, gas – these are just some of the public utilities we use every day, whether for cooking food in the morning, heating homes throughout the day, or charging computers at night. But what about random numbers? Do we need a public source of randomness just like we need public sources for electricity and water?
You may never have imagined this need, but there is more to randomness than you might think. While random numbers might not sound like a public good, we actually rely on randomness for a host of socially useful things.
Good randomness, defined by having high entropy, is used in the cybersecurity of our smart devices, online gambling and cryptography. It prevents hacks, secures your private keys and is critical to the functioning of the internet. It also has applications in election systems by securing the auditing process.
Election integrity depends upon fair, effective and trustworthy auditing, and only randomness has been shown to eliminate bias from this human error-prone process. Using high entropy randomness in selecting ballots and districts to audit ensures that every audit remains both unbiased and unpredictable by attackers or hackers.
If the randomness that auditors use is low entropy or predictable, then election audits will be vulnerable to manipulation and cheating.
The same basic logic applies to all other randomness use cases, such as jury selection and statistical sampling. But just because randomness is necessary to a number of civic and private functions, doesn’t mean it should be provided by centralized actors, like the state.
Right now, true randomness is hard to source and deliver.
In fact, randomness sourced solely from algorithms is, strictly speaking, impossible. That’s because every software algorithm is functionally deterministic, designed to follow the rules of its programming to produce apparently random, but ultimately predictable outputs. As a result, most random number generators rely on seeding input from outside sources of entropy, such as small changes in user mouse movement or keystroke timing.
While outside sources of entropy do increase the quality of randomness output, they don’t guarantee bias resistance. Even the best random number generators are still vulnerable to manipulation.
In one high-profile case of randomness bias, an IT specialist was able to write malicious code that biased the randomness output of numerous state lottery systems and enabled him to game the lottery in his favor.
When money or crucial cybersecurity is on the line, it’s clearly not enough to just have randomness; the randomness sources have to be secure and bias-resistant. What’s more, for randomness to work as a public utility, we also need its sources to be publicly verifiable so that anyone can check whether the numbers they generate are truly random or not.
For years, computer scientists have proposed different solutions to the problem of how to generate good, bias-resistant and publicly-verifiable randomness at scale. Various projects, such as NIST’s randomness beacon, or the UChile generator are public random beacons backed by unpredictable, high entropy systems, however, these do not deliver a mechanism for publicly-verifiability of the randomness source.
However, none of these projects are decentralized nor provide publicly verifiable randomness, leaving them vulnerable to bias from inside the institutions responsible for generating the randomness they produce. A truly bias-resistant, trustless and decentralized source of good randomness has heretofore remained only possible in our imagination. That is, until now.
In July 2020, the League of Entropy, a consortium of diverse organizations from across the world, launched a major upgrade to its distributed randomness beacon, which now serves as a production-level public randomness service. This randomness beacon protocol, named drand, provides a universally accessible source of publicly verifiable, unbiased, and unpredictable randomness.
From a technical standpoint, drand is supported by a distributed network of participants each operating their own drand node. Since the process of generating randomness values is distributed across multiple participants, there is no single point of failure or bias that could corrupt or otherwise compromise drand’s randomness. Additionally, each new randomness value can be verified by a single public key, generated collectively by all partners in the network. Anyone with the public key can both verify that the message is correct and confirm the time it was generated.
On top of that, the League of Entropy itself implements a decentralized governance model and active network monitoring, both of which enhance network robustness and further ensure that no single entity or malicious actor can compromise the network. This bias resistance and security is a game changer for the internet and for every application in need of good randomness. Today, with rapid developments in the Internet of Things and the Blockchain space, there’s greater need for secure randomness than ever before.
That’s because many blockchains and devices on the Internet of Things rely on random values to work properly and securely. Filecoin, for example, uses a random lottery to elect each epoch’s leader and fairly allocate rewards; the project is the first production user of drand. The Internet of Things has a great need for randomness as other computers but, being simple and resource-constrained, are limited in the entropy they can access. A reliable, public source of randomness can help alleviate this shortage.
A true public good serves the world by being open-source, decentralized and fully verifiable. With drand, we can help bring about a fairer, more unbiased, and more secure digital space for the entire world.