Reprinted with permission: Universal Prints & Scott Adams of Dilbert.
Just about everybody in the gaming industry understands that slot machines, keno/lottery calls and table game progressives all use Random Number Generators (RNGs) to determine outcomes. Spies also use them to decode secret messages, and advanced mathematicians use them to solve problems too complex for calculus.
But do you really know what an RNG in the casino world is, and how it works? To begin with, there are few, if any, true RNGs associated with today’s gaming devices. Most slots and other games use PRNGs, or Pseudo-RNGs. What’s the difference?
The generation of random numbers is too important to be left to chance
Robert R. Coveyou, Oak Ridge National Laboratory.
There’s little difference in a number from a PRNG and a TRNG (T is for True in this instance.) The distinction is in how those numbers are derived. Wikipedia defines a True RNG as “a device that generates random numbers from a physical process, rather than by means of an algorithm.” In case you missed Computer Science 101, an algorithm is a sequence of steps in a computer program, much like the recipe steps to make cookies. The random physical event of a TRNG could be as simple as the roll of a fair six-sided die.
Within any sequence generated by the computer through a programmed algorithm or formula, the next digit is a completely deterministic choice, not random in the sense that a dice throw, a spinning disc, an electronic pulse, or even the finite digits of the mysterious π are random.
Deborah J. Bennett, “Randomness,” Harvard University Press
If you’re the NSA, you might want to choose a better physical phenomenon than a dice roll. Those folks in Washington don’t share a lot, but the speculation is that they derive randomness from listening to the variances of background radio waves from space, or they measure the rate of decay or other quantum factors associated with radioactive materials.
It is perhaps ironic that the oldest mechanical slot machines from the 1930s through the early ‘60s had a True RNG, otherwise known as a “fan clock.” This was a spring-driven spinning blade, hand-bent and full of holes, that was wound by a player pulling the handle. Once released, the fan spun until the spring ran down and released the pay levers. Theoretically, each spin was random due to humidity, atmospheric pressure, temperature and mechanical variants.
Fan clocks are no longer in use today, since they could be easily manipulated by sophisticated instruments like bent coat hangers. Not only that, but – given the relatively constant atmospheric conditions now present inside most casinos – one of today’s computers could probably predict a fan clock’s future outcomes based on past spins quite easily. (The ball blowers used in both keno and bingo are examples of TRNGs still working today in the casino world, along with roulette wheels and craps dice.)
Since including a deep-space receiver, radioactive materials or a spectrum analyzer would be a bit expensive, the most practical slot machine RNG is a PRNG. The Pseudo Random Number Generator uses a computer algorithm and, therefore, is both practical and cost effective for use in slots.
With the addition of gaming markets and advanced regulations to allow new technology, at the core of all gambling devices still remains the Random Number Generator. Although it is just a mathematical algorithm, with proper seeding and ‘free-wheeling’ techniques it has proven to fully serve the industry’s needs. Spencer Peterson, VP, Technical Compliance, Konami Gaming, Inc.
One gaming software engineer used the analogy that many of the early slot machine PRNGs were like a giant loop of random numbers that is constantly rotating. Once the spin or play button is hit, the computer program does a few quick housekeeping chores, like determining the credits played and the paytable, then stops on the number that happens to be looping by at that precise instant. Our team took some literary license and produced a YouTube spot on the Pechanga Channel a few years back, in response to a guest’s inquiry, that overly simplified the process: https://www.youtube.com/watch?v=TvKKD-O61Z0.
While there are a few technical flaws in both analogies, they are useful for a basic understanding.
One of the most common myths is that a machine has a cycle that can let a player know when it is due to hit. Many snake oil salesmen will try to sell you a system for doing just that. Save your money – it can’t be done.
Bill Burton, The ThoughtCo
Burton’s recommendation is a good one. That said, don’t believe it can’t be done, because it can. An infamous example happened in Atlantic City in January 1995. A Nevada Gaming Control Board computer technician, Ron Harris, reverse engineered the PRNG of an Imagineering keno program to predict the winning numbers. His program was brilliant and worked to perfection, but his partner in crime, Reid McNeel, panicked while attempting to collect the $100,000 jackpot, which eventually led investigators to discover the scheme. The scam embarrassed the NGCB and landed Harris both in jail and in Nevada’s infamous Black Book. You can learn more details of the crime in Jeff Burbank’s 2005 book License to Steal or the History Channel’s 2011 documentary Slot Buster.
A more recent RNG hack involved a team of Russians who first attacked older Novomatic, Atronic and Aristocrat machines in Europe in 2008. They then pushed their luck stateside on about a half dozen older Aristocrat Mark VI themes on MAV500 cabinets between 2014-16. I’ve covered this several times in the past on CDC Gaming Reports, but it’s worth another mention here. Essentially, the team used cell phones to master the timing routine of the game’s PRNG in order to hit bonus rounds more frequently. These bonuses were below tax thresholds and therefore attracted less attention than a jackpot scheme.
One arrest in Southern California was followed by several others in Missouri, Singapore, Florida and elsewhere. The gang hit both big and small casinos worldwide. Wired magazine had a fascinating article about ‘Alex’, the pseudonymous mastermind of the scheme. It’s worth reading. https://www.wired.com/story/meet-alex-the-russian-casino-hacker-who-makes-millions-targeting-slot-machines/
‘Alex’ later tried to blackmail Aristocrat, claiming he’d hacked some of their popular Helix games, sending along some math “evidence” to support his claim. Aristocrat didn’t bite. As of this writing, the games have never been compromised.
Nevertheless, the challenge continues to evolve, with Aristocrat reporting to its customers in 2018 a cheat against some emulated MKVI game titles that were operating on Viridian 19” cabinets in Canada. While the company continues to have no evidence that any native Gen 7 or Gen 8 game has been affected by cheats, it is urging its customers to take a proactive approach, offering RNG upgrades where technically possible and trade-in incentives to encourage operators to get vulnerable, 20+ year tech off their floors. All the games Aristocrat is bringing to market today incorporate the latest secure PRNG technology. (NOTE: Gen 8 games include the popular “Arc” and “Helix” cabinets).
So are the PRNGs in today’s newest games better than the ones in the older cabinets that the Russians hacked? Absolutely. One engineer told me that the most recent version of Microsoft Excel has an “infinitely” better PRNG function than the slot machines of 10 or more years ago. You can try it for yourself if you like: paste “=RAND( )” into a number of cells in Excel. Each will produce a random number between 1 and 0. If you expand the decimal display, you’ll see it goes out to 15 digits.
“The technology of decades ago lacked the cryptographically secure features that IGT leverages today. Regardless of the format – open source, embedded within an operating system, etc. – IGT’s RNG technology meets these highest security standards and not only prevents security breaches but can internally record and audit games results and detect attempts to manipulate gameplay.”
Jim Vasquez, IGT VP of Engineering
Table 1 below is a quick example of an Excel output using the RAND() function. Each time you re-calc (SHIFT + F9) the numbers will change. You might find this function useful to do random promotional drawings, or for selecting employees for tasks on an impartial basis.
The double-edged sword of today’s more powerful computer hardware and sophisticated software is that the bad guys now have access to better hacking tools, too. Take the random number loop example from earlier. The flaw is that these loops have to start somewhere. Statisticians and engineers call that starting point a seed value. It might also be called the Achilles’ heel of this type of PRNG. If you know where a loop is, or where it started, and you have enough computer horsepower at your disposal, you can probably compute the outcomes at various times. Ideally, the seed itself is also highly randomized.
U.S. computer networks and databases are under daily cyber-attack by nation states, international crime organizations, subnational groups, and individual hackers.
John O. Brennan, Former Director of the CIA
One way to defeat this type of seed hack is to change methodologies: instead of using a loop of numbers, switch to a sponge. This new technique derives from hash code standards (which have nothing to do with Nevada’s recent legalization of marijuana, haha.)
Hash functions are similar, but a little different, from other security checking tools, like a slot machine’s EPROM checksums or your hardware’s VPN token. They are like decoder rings, translating words or numbers into something else, usually a string of hexadecimal numbers. Since they need to be very secure, they’re difficult to translate unless you know the code. The National Institute of Standards (NISH) certifies these processes; the most common standard today used in cryptography is SHA-2, or Secure Hash Algorithm version 2. It was adopted by the NISH in 2001. In 2015, the NISH held a competition among top geeks and code masters and authorized the resulting SHA-3, which is even stronger.
SHA-3 pioneered the concept of absorbing data in and squeezing it out. That’s the essence of the sponge technique, which basically means that bad guys could no longer use a simple seed value to predict outcomes in the loop, since there is no loop with SHA-3. This adds an infinite layer of complexity to the concept of randomness. Several slot manufacturers have already implemented PRNGs utilizing SHA-3 protocols to protect their games.
Anyone who attempts to generate random numbers by deterministic means is, of course, living in a state of sin.
John von Neumann, Los Alamos H-Bomb Project
Unfortunately, it often takes far too long for regulations to keep up with technology. The Nevada Gaming Control Board (NGCB) sets the standards for machine security (Reg 14). Generally, Nevada’s standards (with slight differences) are adopted nationwide. They define the RNG as “a hardware, software, or combination hardware and software device for generating number values that exhibit characteristics of randomness.” And they say the RNG must “not use (a) static seed upon initialization.”
However, in 14.1.400, they also include several steps that seem a bit dated. They say to “cycle the RNG at a minimum average rate of 100Hz (100 times per second).” While that may seem pretty fast, even an entry-level Google Chromebook chugs along at 2,400,000,000 cycles per second, and Intel’s i7 processor, now common in many desktop PCs, can hit 5 billion cycles per second. Likewise, for chip and component verification, the Nevada regs call for using SHA-1 for security. SHA-1 was adopted in 1995. In 2017, all major web browsers ceased acceptance of SHA-1 because it was too easy to crack.
The good news is that, just like the MICS (Minimum Internal Control Standards) operators follow on the casino floor, the NGCB tech standards only set a baseline. Manufacturers are free to go above and beyond those requirements.
Random numbers should not be generated with a method chosen at random.
Donald Knuth, Professor emeritus, Stanford University
Gaming Laboratories International (GLI), which also certifies casino equipment and issues industry standards, has taken a stronger approach. Following the Russian hacks, they issued a paper on the “Cryptographic Strength of RNGs” in late 2014. Two years ago, they sent an advisory note to manufacturers providing some guidelines to produce stronger RNGs. Along with citing advancements in technology, they had lots of practical advice:
“The whole (RNG) solution must meet an acceptable level of cryptographic strength. For example, if one uses a cryptographic RNG as declared by NIST but then uses insecure methods for seeding and reseeding, then this would not be acceptable (and would be much like putting a 3” thick iron door on your house but having a single pane, ground level window – not very secure).”
Recruiting and retaining full-time team members with serious crypto skills is not easy for manufacturers, since they are in high demand throughout the tech world. So perhaps the best advice from GLI is that “there are many professionals out there with your interests in mind. You don’t have to design your own RNG. It is not difficult to replace your current RNG solution with one that is cryptographically strong.”
Modern random number generators (RNGs) used in electronic gaming devices are designed to be impervious to sophisticated cryptanalytic attacks. The secure design of these modern RNGs prevents synchronization or manipulation of the RNG, even in cases where a perpetrator may be armed with inside information about the core RNG algorithm and other supporting mechanisms of the RNG (e.g. scaling and seeding methodologies). Furthermore, the security of these modern RNGs serves to “future-proof” these applications even in the face of exponential advances in computational power.
Patrick Moore, Exec. Dir Product Compliance, Scientific Games
Virtually all the providers have taken GLI’s advice, and things are much more secure today than in the past. The PRNGs in the latest slot machines are extremely good and getting better all the time. Can they be defeated? Maybe. Nothing seems impossible anymore in cyber warfare. But the bad folks will probably have your banking records, medical files and intimate conversations with Alexa and Siri before they’ll be able to predict a new slot machine’s next random number.
# # #
Before beginning his casino career, author Buddy Frank spent three years in college studying Electrical Engineering and Mathematics but switched to Journalism for his degree where, thankfully, there was no math required.