views:

398

answers:

6

Any general guidelines? Or particular fast method?

Thanks in advance.

+4  A: 

You can generate pseudorandom numbers by manipulation of bits by simulating a LINEAR FEEDBACK SHIFT REGISTER

The question then becomes 'how many bits do you want to simulate?'

Wikipedia has some information.

pavium
Each time microcontroller is reset, I'll get same set random numbers. How can I avoid that? In other words, how can I set random seed?
Donotalo
No real time clock on your controller? That can act as a seed.
Will Hartung
We have a RTC but it is a project-wise decision not to use that. We simulate RTC by firmware. Thanks for the comment. The firmware's second counter can be used as seed.
Donotalo
Chosen as best answer because I found LFSR is least time consuming to implement and it is also fast. I'm using static value to use as seed because our devices will hardly be reset. When reset occurs, it doesn't matter if it produces same random numbers. The seed value 0xAC gives a period of more than 10^8.
Donotalo
Picking the right seed for the right bit pattern will give you a maximal LFSR, which will generate all numbers in the bit pattern except for 0.
plinth
+2  A: 

If you have access to an ADC, then you can read the least significant bit from it, and use it as a seed for a Pseudo Random Number Generator, like others have posted. Obviously you will need to read more than one bit from the ADC, so multiple reads are needed, which could take a while. But you only need to do this once, at startup for example, and then use faster PRNG to generate new random numbers.

Many embeded devices have built inn ADC, for example the ATMega family form Atmel.

Marius
+5  A: 

One normally generates pseudo-random numbers and not actual random numbers, although both are possible at varying rates.

There are two general categories, depending on whether the sequence will be used for cryptographic purposes. The primary distinction is whether knowledge of one number in the sequence allows prediction of the next. General purpose RNG's don't worry about whether knowledge of the algorithm would allow an observer to duplicate the sequence, and they run quite a bit faster.

A typical general purpose RNG algorithm is the Mersenne Twister. There are many public implementations of various algorithms. See here for one.

If the MT requires too much memory, a half-way-decent fallback is the linear congruential generator. (The MT wasn't invented until 1997.) This generator has certain issues but it requires almost no memory, almost no code, and is extremely fast. Implementations are everywhere, and it was covered in detail in Knuth's Seminumerical Algorithms.

To seed any RNG, you will need a source of entropy, see http://en.wikipedia.org/wiki/Entropy_(computing) (Note: SO gets confused about the ()'s in that link.) This is typically derived by timing events that the CPU can observe, such as keystrokes, (I guess that won't work for you) interrupts, and packet arrivals. A real time clock is often an acceptable source if it maintains its own state, as reboots are rarely timed in any sort of sequence.

DigitalRoss
These RNG's need a seed to work. Each time the microcontroller is reset, I'll get same set of random numbers.
Donotalo
Aha, good question. (We get basic RNG questions here on SO all the time so forgive us for reflexively firing out the basic answer. :-) Anyway, I've updated my answer. I'll do another update in a minute...
DigitalRoss
Mersenne Twister uses a state space that is too big for microcontrollers.
starblue
+1  A: 

Pseudo random number generators that are the fastest and least demanding w.r.t. the instruction set (only shift and xor, no multiplication or division) are smaller variants of the Mersenne twister idea (called Generalized Linear Feedback Shift register). Mersenne twister itself needs too much memory for microcontrollers.

The problem with these generators is that they may generate long sequences near zero if you are unlucky. With a reasonable size of the state space and initialization from another PNRG this is however unlikely.

They are also not secure for cryptography or gambling, an intelligent adversary can predict future states after observing the output. This is because they are linear.

I once designed such a generator for a small nonstandard processor with a state space of about 50 24-bit words. I tested variants with the Diehard test suite until I found a good one. The application was generating random variations for a hardware test.

starblue
+1  A: 

If the hardware has a button for the user, a simple trick is to count how long the button is pressed. With a fast enough short counter you get a "random" number.

Purple Tentacle
Do you know of any estimates of the number of bits of entropy, given a counter speed of 'x' Hz?
Craig McQueen
Sorry, no. I guess someone smart could figure that out.
Purple Tentacle
This is a good solution but in my case I need the random number far before user interaction takes place (actually, as soon as micro gets power). Thanks for the idea though.
Donotalo
A: 

Reading the timer and xoring/nanding/etc it with a series of bits will give a semi random to the user, as the timing between events is likely to be enough apart that the user won't really be able to tell the correlation with the timer.

onaclov2000