Learned pseudo-random number generator: WGAN-GP for generating statistically robust random numbers

Pseudo-random number generators (PRNGs) are software algorithms that generate sequences of numbers approximating the properties of random numbers. They are critical components in many information systems that require unpredictable and nonarbitrary behavior, such as parameter configuration in machine learning, gaming, cryptography, and simulation. A PRNG is commonly validated with a statistical test suite, such as NIST SP 800-22rev1a (the NIST test suite), which evaluates its robustness and the randomness of the numbers it produces. In this paper, we propose a Wasserstein-distance-based generative adversarial network (WGAN) approach to generating PRNGs that fully satisfy the NIST test suite. In this approach, the existing Mersenne Twister (MT) PRNG is learned end to end, without implementing any mathematical programming code. We remove the dropout layers from the conventional WGAN network so that it can learn random numbers distributed over the entire feature space, because the nearly infinite amount of training data suppresses the overfitting that would otherwise occur without dropout layers. We conduct experimental studies to evaluate our learned pseudo-random number generator (LPRNG), adopting cosine-function-based numbers, which have poor random-number properties according to the NIST test suite, as seed numbers. The experimental results show that our LPRNG successfully converts such seed sequences into random numbers that fully satisfy the NIST test suite. This study opens the way for the “democratization” of PRNGs through the end-to-end learning of conventional PRNGs, meaning that PRNGs can be generated without deep mathematical know-how. Such tailor-made PRNGs will effectively enhance the unpredictability and nonarbitrariness of a wide range of information systems, even if the seed numbers are revealed by reverse engineering. The experimental results also show that overfitting appears after about 450,000 training iterations, suggesting that there is an upper limit to the number of training iterations for a fixed-size neural network, even when learning from unlimited data.
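For orientation, the WGAN-GP critic objective referenced in the title can be sketched as follows (illustrative PyTorch code, not the implementation in our released source; the tensor shapes and the penalty weight lambda_gp = 10 are assumptions for the example):

```python
# Minimal sketch: the WGAN-GP critic loss with gradient penalty.
import torch

def critic_loss(critic, real, fake, lambda_gp=10.0):
    # Interpolate between real and generated samples (real/fake assumed 2D: batch x features).
    eps = torch.rand(real.size(0), 1, device=real.device)
    interp = (eps * real + (1.0 - eps) * fake).requires_grad_(True)
    # Gradient penalty: push the critic's gradient norm toward 1.
    grad = torch.autograd.grad(critic(interp).sum(), interp,
                               create_graph=True)[0]
    gp = ((grad.norm(2, dim=1) - 1.0) ** 2).mean()
    # Wasserstein estimate plus penalty (the critic minimizes this).
    return critic(fake).mean() - critic(real).mean() + lambda_gp * gp
```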

Thank you for reading our manuscript and for taking the time to give us your kind feedback. Based on your insightful comments and questions, we have updated the manuscript. Please find our written responses to your questions below.
For Editors: Thank you very much for your pertinent remarks. We have reviewed and rewritten the text in the Methods section. We deeply apologize for any duplication from previous studies and will take care to avoid such duplication in the future.

For Reviewer #1
Thank you very much for your kind comments. Thanks to your suggestions, we were able to amend the manuscript to meet standard reproducibility criteria. The source code developed in this study has been uploaded to the GitHub repository linked below. We hope you will find it useful.

https://github.com/kiyoooooo/PlosOne_Learned_PRNG
We have also added this to the Data Availability Statement, as follows:
"All of the source code developed in this study is freely available at https://github.com/kiyoooooo/PlosOne_Learned_PRNG. All data, including the input seeds and the outputs, can be reproduced with it."

For Reviewer #2
Thank you very much for your kind comments. Thanks to your suggestions, we were able to amend and improve the text, taking into consideration the questions and points you raised. Please find our responses to those points and questions below. This was not clearly explained at all in the previous version of our manuscript, and we should have worded it better. We apologize for the misleading presentation.
In this study, we redefined the problem and applied this machine learning architecture as a completely new approach, rather than as an incremental refinement of previous research. The GAN model used in our study is a widely known and widely applied model, not a new AI model. After considering various versions of GAN models, we decided to use WGAN as a superior variant of the standard GAN. Although the theme of our study is similar to that of previous research, differences in the input seed, GAN architecture, and output method make a strict comparison difficult. However, according to those reports, previous research used 10 test runs in the NIST test, whereas we confirmed our results using 1,000 test runs, which is standard practice. We regard the ability to generate random numbers with GANs under the standard evaluation protocol of the NIST test suite as one of the contributions of this research.

Additional statements:
(i) "e.g. 10 test runs in the previous studies" (Line 69 on page 3 in the Introduction)
(ii) "rather than just brushing up on previous research." (Line 75 on page 3 in the Introduction)
(iii) "a GAN with the Wasserstein distance, which is already known as a sophisticated version of GAN." (Line 77 on page 3 in the Introduction)
(iv) "The use of these input seeds is also different from the previous studies." (Line 337 on page 10 in the Results and Discussion)

2. "The neural networks used in our method are both portable and robust against reverse engineering (difficult to interpret by humans)" (Lines 102-106). Please justify. Can a neural network be trained to reverse-engineer and learn the parameters of the WGAN?
Following your very helpful comments, we have updated the manuscript as below.
Additional statement: "Our NN-based random number generator has two benefits: reverse-engineering resistance and cross-platform portability between servers and clients. To clarify these benefits, we first outline how PRNGs are commonly used in mobile applications such as games and social networking services. Pseudo-random numbers are widely used not only in high-risk areas such as encryption and security, but also in areas that require randomness and nonarbitrariness, such as the parameters for natural, smooth animation in user interfaces and the control parameters for computer-operated non-player characters (NPCs) in games. PRNGs are particularly acknowledged as an essential technology in the gaming industry, where they have a significant impact on determining the winner of a game. Yet the number of behaviors that violate game regulations, such as reverse engineering [1] the seed of a PRNG to anticipate the next random number, has increased exponentially with the spread of game development tools such as Unity [2]. It is therefore crucial to provide a simple and portable method for preventing the reverse engineering of a carelessly deployed PRNG.
Thus, the game industry has adopted encryption of the random number generation process, together with frequent changes of the decryption key (approximately every few weeks), as the simplest and most practical way to prevent reverse engineering. Such a brute-force method is effective as long as the frequency of key changes exceeds the time and cost necessary to decrypt or to find the decryption key. However, because the algorithms for pseudo-random number generation are already known and limited in number, once the seed location in memory is decrypted, the next random number may be simply anticipated. As new pseudo-random number generation algorithms are developed only once every few years at best, it is totally impractical to develop a new PRNG algorithm every week to prevent the random number generator from being guessed.
Our Learned PRNG allows a random number generator to be created automatically every week by ordinary engineers who are not experts in mathematics. This makes it practically impossible to predict the behavior of applications that use Learned PRNGs, even if the memory location of the seed is disclosed, because the behavior of a learned PRNG is difficult to investigate with commonly available reverse engineering techniques. The Learned PRNG offers a novel counter-reverse-engineering strategy that increases the update frequency of the random number generator, and it can be combined with the usual approach of frequently updating the encryption key. Our Learned PRNG model allows us to generate a new PRNG periodically, for example every week, from a data set of random number sequences generated by existing methods. Our research will drastically reduce the cost of delivering a new PRNG to edge devices such as smartphones, allowing PRNGs to be updated more frequently than it would cost to crack and identify the PRNG and its surrounding systems.
As for the portability of the Learned PRNG model, it is a "machine/language-neutral" data structure that is independent of any particular programming language or CPU architecture. Today's services must be compatible with multiple platforms, such as Apple's iOS, Google's Android, Microsoft's Windows, Apple's macOS, and Linux. In addition, multiple CPU architectures, including x86-64, ARM, and RISC-V, are employed on both the client side and the server side, and numerous programming languages, such as C/C++, Python, Java, JavaScript, C#, and Swift, are used to implement services. Consequently, the cost of adapting a new PRNG to all platforms, CPUs, and programming languages is exceptionally high. Our Learned PRNG model, on the other hand, can be represented in ONNX [7], a machine- and language-neutral model format that is independent of these platforms, operating systems, and programming languages. Dedicated runtimes [8] and compilers [9] enable our Learned PRNG model to infer random numbers efficiently on a variety of platforms and hardware. Present-day smartphones are typically equipped with specialized chips for the rapid execution of neural networks, such as the Apple Neural Engine, which can execute NN models efficiently. Therefore, delivering Learned PRNGs to edge devices is practical.
A significant difficulty with the Learned PRNG is that it requires a seed sequence equal in length to the quantity of random numbers to be generated. Most known PRNG algorithms use a recurrence formula to produce random numbers continuously, recursively feeding each output back as input to generate the subsequent random numbers. Further research will validate whether the Learned PRNG passes the NIST test suite even when the output of the WGAN is used as its input to create continuous random numbers." (On page 4 in the Introduction)
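To illustrate the cross-platform delivery described in the statement above, the export of a trained generator to ONNX can be sketched as follows (illustrative PyTorch code, not our released implementation; the generator architecture, layer sizes, and seed length are assumptions for the example):

```python
# Minimal sketch: export a trained generator to ONNX so the same
# Learned PRNG can run on iOS, Android, Windows, macOS, and Linux
# via ONNX runtimes. The architecture below is a placeholder.
import torch
import torch.nn as nn

class Generator(nn.Module):
    def __init__(self, seed_len=200):
        super().__init__()
        # Fully connected layers without dropout; outputs in (0, 1).
        self.net = nn.Sequential(
            nn.Linear(seed_len, 512), nn.ReLU(),
            nn.Linear(512, 512), nn.ReLU(),
            nn.Linear(512, seed_len), nn.Sigmoid(),
        )

    def forward(self, x):
        return self.net(x)

generator = Generator()
dummy_seed = torch.rand(1, 200)  # one input seed sequence
torch.onnx.export(generator, dummy_seed, "learned_prng.onnx",
                  input_names=["seed"], output_names=["random_numbers"])
```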
3. The authors cite one of their key contributions as the removal of the dropout layers in WGAN (Line 82) to improve the quality of random numbers. The model still overfits after ~250,000 iterations according to Fig. 6. A numerical comparison with and without the dropout layers would be interesting.

Thank you for these questions, as they raise important points that we must consider for the wider implications of our study. As you know, a Dropout layer is used to improve the generalization performance of machine learning models by avoiding overfitting on finite and biased data. In our research, we used effectively unlimited and unbiased training data, namely uniform random numbers, so we removed the Dropout layer. However, thanks to your valuable suggestion, we have additionally validated and examined how the presence or absence of the Dropout layer affects the learning results, as in the sketch below.
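One way to build the two configurations for such a comparison (illustrative PyTorch code; the layer sizes, seed length, and dropout probability are assumptions, not the exact configuration in the manuscript):

```python
# Minimal sketch: the same generator built with or without Dropout
# layers, for an ablation comparison like the one reported in Fig. 8.
import torch.nn as nn

def build_generator(seed_len=200, use_dropout=False, p=0.5):
    layers = [nn.Linear(seed_len, 512), nn.ReLU()]
    if use_dropout:
        layers.append(nn.Dropout(p))  # conventional variant with dropout
    layers += [nn.Linear(512, 512), nn.ReLU()]
    if use_dropout:
        layers.append(nn.Dropout(p))
    layers += [nn.Linear(512, seed_len), nn.Sigmoid()]
    return nn.Sequential(*layers)

# Proposed variant: no dropout, since the effectively unlimited
# training data already suppresses overfitting.
generator = build_generator(use_dropout=False)
```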
Additional statement: "Fig. 8 shows the results when a Dropout layer is added. As can be seen, the learning results are better when the Dropout layer is removed." (Line 397 on page 14 in the Results and Discussion, Fig. 8)

4. While creating an input seed, how is the correlation removed beforehand? Also, please justify how Eq (4) was chosen as the cosine function. Were other functions also tried in experiments?
Thank you so much for bringing this to our attention. This was not clearly explained at all in the previous version of our manuscript, and we should have worded it better. We have added explanations of how the correlation is removed and how Eq (4) was chosen as the cosine function, as below. We created the input seeds for training the GANs using trigonometric functions and have not tested any other functions.
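For reference, such per-batch cosine seeds can be constructed as in the following sketch (assumed NumPy code; the batch size, sequence length, and the sampling ranges of the period R1 and initial phase R2 are illustrative assumptions; see Eq (4) in the manuscript for the exact form):

```python
# Minimal sketch: cosine-based input seeds in (0, 1), with a different
# period (R1) and initial phase (R2) drawn for each batch row to reduce
# the batch-to-batch correlation before training.
import numpy as np

def cosine_seed_batch(batch_size=64, seq_len=200, rng=None):
    if rng is None:
        rng = np.random.default_rng()
    t = np.arange(seq_len)
    seeds = np.empty((batch_size, seq_len))
    for b in range(batch_size):
        R1 = rng.uniform(2.0, seq_len)    # period, varied per row
        R2 = rng.uniform(0.0, 2 * np.pi)  # initial phase, varied per row
        seeds[b] = 0.5 * (np.cos(2 * np.pi * t / R1 + R2) + 1.0)
    return seeds
```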

Original statement:
(i) "We experimented with ML using various input seed values with the aim of selecting input seeds that are non-random before the transformation by the ML model and random after the transformation. We found that sine and cosine functions with various periods for each batch generated good random numbers in the range of (0,1). Various periods were used for each batch because a GAN does not eliminate the batch-to-batch correlation, making it necessary to eliminate the correlations between batches beforehand."

Corrected statement:
(i) "The main objective of this study is to generate random numbers using machine learning techniques, specifically GANs. When attempting to generate random numbers with GANs, it is important that the input seed not possess random properties. Although random numbers are commonly used as input seeds, using random numbers as input seeds in this study would not allow us to determine whether the GAN learned random properties to generate its output or simply passed through the input seed's properties without learning any random properties. If a sequence of numbers without randomness is used as the input seed and the output acquires randomness through the transformation by the GAN, it can be considered that the GAN has learned randomness and is able to transform the input into a sequence of numbers with randomness. Therefore, we devised non-random input seeds that are suitable for GAN learning. There are many possible non-random number sequences, but it is important to provide a variety of numbers to the GAN during learning. We considered number sequences with regularity or periodicity as non-random sequences and introduced trigonometric functions. Even if a sequence of numbers can be converted to random numbers by a GAN, the relationship between batches of numbers cannot be controlled by the GAN. To address this issue, we used different initial phases (R2) and periods (R1) of the trigonometric functions for each batch to reduce the similarity between number sequences in advance. This is also important for providing diverse input seeds for GAN learning." (On page 9 in the Results and Discussion)
(ii) To make Fig. 5 easier to understand, we have added explanations for each axis direction to the figure. (Fig. 5)

Additional statements:
"which are introduced to reduce the similarity of the numerical sequences and to provide a variety of input seeds" (Line 331 on page 10 in the Results and Discussion)
"The horizontal axis represents a sequence of non-random numbers representing a single input seed, and the vertical axis represents the data from each of the 64 batches." (Fig. 5)

5. This method uses a poorly random sequence as the seed. Does the output of the WGAN improve with the quality of randomness of the input seed?
Thank you for your insightful question. This is an important point that we should have made clear. The task we addressed in this study is to generate random numbers using machine learning. Therefore, we needed to investigate whether it is possible to convert input seeds without random properties into outputs with random properties. This is why we constructed the input seeds from trigonometric functions. In addition, based on your valuable question, we divided it into two separate cases: