I am trying to make the game MegaMind. I need to get a random number, but how can I get them on AVR?
I have tried this:
secret_code[1] = random()&=6;
Asked
Active
Viewed 1.2k times
3
5 Answers
18
Random Numbers and Computers
Let us talk a second about what it takes to generate random numbers.
Randomness is very easy for humans to imagine or produce: Flip a coin. The result is random. The next time you flip the same coin, it will be random again, and there will be no correlation to the previous coin-flips.
That's way harder for processors. These are machines to be as deterministic as possible. Generally, when you build a digital circuit, any non-determinism ("random behaviour") is undesired.
In that framework, i.e. if your digital circuit (e.g. an AVR) works perfectly deterministically, then there's simply no way to generate truly random numbers. These numbers must always be a result of some calculation on numbers that were there before, so that there can only be a "seemingly" random sequence of numbers.
The next time you feed the same algorithm with the same "inital input", you get the same sequence of numbers. We call an algorithm that generates a seemingly random numbers a pseudo-random number generator (PRNG).
But that is practically always (aside from cryptography) an acceptable solution. There's typically a large numbers of initial states, and if the PRNG is any good, any of these initial states will yield a totally different, totally uncorrelated, totally fairly distributed sequence of numbers.
Pseudo-random number generation on microcontrollers in practice
On a microcontroller, you don't want to use a function like rand or srand with a hidden global state of a single pseudo random number generator (PRNG) - that is a waste of the little RAM you have, if you at some point can stop using the PRNG, and a recipe for disaster if you're interacting with the PRNG from interrupt routines.
Instead, use a "slim" random number generator function that takes and modifies an explicit, small state. The AVR stdlib possibly offers rand_r, but that's just a bad random number generator; with the same effort in state space and computation, you can get much "randomer" numbers.
For medium-to-high-quality PRNG, I personally use my state-external variant of the XOROSHIRO128+ algorithm. It requires 16B of state memory, and is probably far over the top for a microcontroller-based game.
The XORSHIFT32 algorithm, that XOROSHIRO128+ is indirectly based on, only uses four bytes of state, and should be plenty random for your use case, and will return one 32bit random number each call, and modify the state. If you look at it, it's also pretty fast – just three shifts and three XORs on 32 bit numbers. While your AVR (assuming it's not AVR32) doesn't have 32 bit integers (I think), these operations should still be faster than at least what the glibc implementation of rand() does.
Seeding your PRNG
The real question is how to initialize the state (seed the PRNG). That seed determines the only seemingly random sequence of numbers that you'll get!
That is especially challenging on a small device like an AVR: You can't use something like the current time (which was always a bad seed, but someone started telling people it's good one :(, so people use that), because it has no notion of time; you can't use physically random things like the seek time of your hard drive, because there is no hard drive, and so on.
But: your microcontroller has an ADC, for example. So, simply get a series of ADC measurements and use the least significant bits, which should essentially be noise, to generate the initial state that you use for your PRNG. Maybe take an ADC measurement, XOR with the last measurement, shift up, take the next measurement, repeat 16 times, use that as initial state.
Marcus Müller
- 94,373
- 5
- 139
- 252
-
2The other semi-common trick for getting random numbers is from comparisons of different clock sources. The jitter between the main clock and the slow watchdog timer can be used as a source of "true" entropy (by sampling a fast counter every watchdog interrupt, or similar). Works well for AVRs, where even the very cheap ones have an independent watchdog IIRC. – mbrig Jan 02 '19 at 22:52
-
3@mbrig thanks! yeah, thinking about this: since this device definitely has user interface buttons, the ringing of keypresses and their timing might be a source of entropy, too. – Marcus Müller Jan 02 '19 at 22:56
-
2A digital circuit is only perfectly (or even ideally) deterministic as long as there's only one oscillator providing a basis for all the clocks. As soon as you have at least two crystals, it's highly nondeterministic, and you can exploit this for very high quality random seeds. May be overkill for a game, but it's a good principle to know. – R.. GitHub STOP HELPING ICE Jan 03 '19 at 03:25
6
From the AVR Libc Reference Manual, under stdlib.h: General utilities:
Function
rand():
int rand(void)The
rand()function computes a sequence of pseudo-random integers in the range of0toRAND_MAX(as defined by the header file<stdlib.h>).The
srand()function sets its argument seed as the seed for a new sequence of pseudo-random numbers to be returned byrand(). These sequences are repeatable by callingsrand()with the same seed value.If no seed value is provided, the functions are automatically seeded with a value of
1.In compliance with the C standard, these functions operate on int arguments. Since the underlying algorithm already uses 32-bit calculations, this causes a loss of precision. See
random()for an alternate set of functions that retains full 32-bit precision.
Basically, you want to use srand() to set a seed for rand() to use. rand() will generate the numbers based on the seed srand() provides.
A common way to get a seed for srand() is to use a timer that is based on some user action so you get a fairly unique sequence every time. If you don't change the seed, the number sequence will always be the same.
Marcus Müller
- 94,373
- 5
- 139
- 252
evildemonic
- 9,209
- 2
- 26
- 46
-
@evildemonic The timer won't help much if there is no RTC. On such a limited embedded platforms there are other sources of entropy required. Such as temperature-sensitive analog input. Update - well, a timer based on user action is an option. It's just that it is not always the case there is a user action before the result is required.. – Eugene Sh. Jan 02 '19 at 16:24
-
2@EugeneSh. This is why I specified based on user action. Since the OP is talking about a game, I doubt they need super true authentic random. If so, yes, using for instance an ADC value reading the noise on a diode or something could be better. – evildemonic Jan 02 '19 at 16:27
-
1I appreciate you folks helping me improve my answer, and bring you up good points. Since this is a game, there should be user action at some point, and this can perhaps be 'forced' early on. The seed can be generated at any point before the random number is needed. Something as simple as timing how long it takes for the player to enter their name, or select an option from the opening menu. Without more input from the OP, it is hard to speculate on what they need and what we have to work with. – evildemonic Jan 02 '19 at 16:35
-
1I'll be honest: on a programmer's website (such as stackexchange.com), the recommendation to use
randandsrandwould be worth a very comprehensive comment on why that is a very bad idea. These functions aren't reentrant-save, so interaction with their state from ISRs or multiple tasks is potentially catastrophic. If I was AVR, I'd honestly not include these functions. The way to go is not a random number generator with hidden global state, especially not on a microcontroller. – Marcus Müller Jan 02 '19 at 17:14 -
1@MarcusMüller The re-entrant version of rand() is rand_r(). I'm not sure it is needed. I'm also not sure I follow you on why it would be a very bad idea to use rand() like this on an AVR or how it would be catastrophic unless you need to reproduce the sequence and haven't been careful about how you use it. Is there something inherent to hidden global states that make them inappropriate for microcontrollers? – evildemonic Jan 02 '19 at 17:32
-
1@evildemonic well, first of all, you kind of need to allocate some space somewhere when using the
randfunction, forever. That might be highly problematic on memory-starved architectures. So, you'd always go forrand_r, simply because then you / your compiler is in charge of knowing when you don't need that anymore; then, OK, this is a game, and truly random would not be a problem here, but in general, when using a PRNG likerandyou can't accept RNG behaviour. – Marcus Müller Jan 02 '19 at 17:38 -
1Against
rand_ronly speaks the terrible stochastic performance of all implementations that I've seen so far. There's other, far better, algorithms that use the same amount of state but give much better properties in terms of "quality" of randomness (whiteness, value equi-distribution). Even the classical Linux man-page says that: The value pointed to by theseedpargument ofrand_r()provides only a very small amount of state, so this function will be a weak pseudo-random generator. In short, the stdlib random generators are simply bad and there's always a better choice. – Marcus Müller Jan 02 '19 at 17:39 -
1@evildemonic by the way, thanks for all the feedback! I'm working this into my answer :) – Marcus Müller Jan 02 '19 at 17:46
-
@MarcusMüller And I appreciate you taking the time to explain further! – evildemonic Jan 02 '19 at 18:36
4
The other answers are more theoretical, but I have done some practical experiments in this area.
Using an AVR XMEGA microcontroller I sampled the internal temperature sensor continuously with the ADC. From each reading I took only the least significant bit, which is subject to the most noise. I then combined 8 such bits and fed them into the on-board CRC generator, using one byte of its output as my random bits. The CRC generator was just a fast, convenient way of mixing and whitening the bits, other methods work too.
This code implements it: https://github.com/kuro68k/xrng/blob/master/firmware2/xrng/rng.c
I did extensive testing of the output. Even generating 8+ megabits per second the output does will with standard randomness tests, including DieHarder.
For your purposes this is probably overkill. Unfortunately you don't mention which AVR you are using, but most only have a 10 bit ADC (the XMEGA is 12 bit) and often lack an internal temperature sensor. However, using just 10 bits and sampling the internal voltage reference, or a floating (disconnected) pin you may get decent results. I'd suggest collecting 16 bits (16 samples, take only the least significant bit) and combining them into a 16 bit word, and then repeating that 16 times with the results XORed together, and then feed the result to the srand() function. Then periodically take another 16 samples, XOR and feed into srand() again.
Then you can just use the normal rand() function to get random numbers. By seeding it with a half decent source of entropy the results should be sufficiently unpredictable for your game.
Alternatively, some AVRs have a watchdog timer that can trigger an interrupt. The watchdog timer is a fairly decent random number generator because its frequency varies randomly, so you can just set up a fast timer (clock divider 1, maximum core clock frequency) and sample the least significant bit every time the watchdog interrupt is triggered. I believe other people have tested that method and found it to be a good source of entropy.
3
Count the time in ms from the time the device was first turned on and the first user interaction, mod (%) that count by some number, say 99 and then use that number to seed the random number generator (srand()). At least that's what I would do.
Ethereal Lewis
- 31
- 1
1
https://www.codeproject.com/Articles/5311070/A-True-Random-Number-Generator-in-Arduino-AVR-ATme
Here is a simple trick to get a REAL random number in ATmega328 (it applies to most ATmega controllers that have an option to attach the ADC mux to internal 1.1/VC.) I'm not sure whether to call the number truly random because it is generated from the physics of the hardware and can still have sort of patterns that arise from the oscillations of the hardware, maybe.
The trick is to abuse the ADC by generating a pulsating signal on the input that can never be truly pulsating because the lines have got to have some capacitance.
int N = 20; // 20 works really fine for uint8, can be increased to reduce patterns. Each cicle takes around 80us on 16Mhz main clock which give a random nmumber almost every 1.5ms.
for (int i = 0; i < N; i++)
{
if (i % 2 == 0)
ADMUX = 0b01001110; // High (1.1V)
else
ADMUX = 0b01001111; // Low (0V)
ADCSRA |= 1 << ADSC; // Start a conversion
uint8_t low, high;
// ADSC is cleared when the conversion finishes
while ((ADCSRA >> ADSC) % 2); // wait for the conversion to complete
low = ADCL; // do not swap this sequence. Low has to be fetched first.
high = ADCH; // the value is always between 0-3
V ^= low;
V ^= high;
// Lets shift rotate the number;
uint8_t last = V % 2;
V >>= 1;
V |= last << 7;
// Disable the ADC
ADCSRA = 0;
// Enable the ADC with a randomly selected clock Prescaler between 2 and 128. since each conversion takes 13 ADC cycles, at 16Mhz system clock, the ADC will now take something in between 1.6us and 104us for each conversion.
ADCSRA = 0b10000000 | ((V % 4) << 1);
}
Umar Hassan
- 51
- 3
-
This looks pretty cool - how would I use it now to retrieve the random number? – siliconchris Apr 29 '22 at 09:44
random()) can't be an lvalue (for the operator&=). – Dave Tweed Jan 02 '19 at 15:52secret_code. Note that if you actually intend to use your random numbers for cryptographic purposes, you need to do it right, which excludes usingrandom(), or basically any other PRNG. You need true random numbers if you want your cryptography to be secure. – marcelm Jan 02 '19 at 23:43