Random numbers play a quintessential role in computer science. From cryptography to gaming to machine learning, randomness is useful in the functionality of a lot of software. Even though they are pretty ubiquitous, there is a lot of nuance to random numbers that most developers don't encounter in their typical interactions with them.
There are two requirements for random numbers. First, random numbers have to be uniformly distributed across some given interval set. Essentially, this means that given a particular range of numbers, say 1 to 100, any random number is equally as likely to be chosen as any other. Random numbers must also be independent. Given a process that returns a random number, correlated numbers should not be returned each time the process is used.
These requirements make sense. They ensure that random numbers are unique and uniform. However, there is a bit of a catch when it comes to random numbers generated by computer algorithms. Random numbers generated by computers don't often meet the criteria of mathematical random numbers.
There are different kinds of random numbers to distinguish when discussing random numbers in programming. They are...
Psueodrandom values are not truly random. Generally, any random number that is generated by a computer is going to be a psuedorandom number. Despite the heisenbugs you might have run into, computers are deterministic devices. A program, given the same input, will always produce the same output.
To introduce randomness into their implementations, most random number generators will generate a number based on an initial seed. The same seed will produce the same set of random numbers. As a result, to generate random numbers the seed must be changed each time. Commonly, the seed will be the current date and time represented as a number.
Cryptographically secure random values
Cryptographically secure random values are, as the name suggest, random values that can be used for encryption, key generation, and other cryptographic use cases. Generally, a pseudorandom number generated will also generated cryptographically secure random values if it is impossible to distinguish the random numbers generated from the algorithm and truly random values. This brings us to....
Truly random values
Truly random values are values that adhere to the criteria for random numbers that we defined earlier. Generally, true random values are generated by relaying on some state that is not stored in the machine. random.org, a popular website for generating truly random values, generates random numbers based on atmospheric noise.
I've already alluded to how psuedorandom generators are generated from a seed value and how truly random numbers are often generated from some random natural phenomena, like atmospheric noise. What does an actual psuedorandom number generator in a programming language look like?
Math.random implementation works is handy. As it turns out, the V8 engineering team has published a blog post on this topic, so I'll leave the thorough explanation of this to the experts.