# Randomization

Randomization is a fundamental technique in algorithm design, that allows programs to run quickly when the average-case behavior of an algorithm is better than the worst-case behavior. It is also heavily used in games, both in entertainment and gambling. The latter application gives the only example I know of a programmer who died from writing bad code, which shows how serious good random-number generation is.

## Generating random values in C

If you want random values in a C program, there are three typical ways of getting them, depending on how good (i.e. uniform, uncorrelated, and unpredictable) you want them to be.

### The rand function from the standard library

E.g.

#include <stdio.h>
#include <stdlib.h>

int
main(int argc, char **argv)
{
printf("%d\n", rand());
return 0;
}


examples/randomization/randOnce.c

The rand function, declared in stdlib.h, returns a random-looking integer in the range 0 to RAND_MAX (inclusive) every time you call it. On machines using the GNU C library RAND_MAX is equal to INT_MAX which is typically 231 − 1, but RAND_MAX may be as small as 32767. There are no particularly strong guarantees about the quality of random numbers that rand returns, but it should be good enough for casual use, and it has the advantage that as part of the C standard you can assume it is present almost everywhere.

Note that rand is a pseudorandom number generator: the sequence of values it returns is predictable if you know its starting state (and is still predictable from past values in the sequence even if you don’t know the starting state, if you are clever enough). It is also the case that the initial seed is fixed, so that the program above will print the same value every time you run it.

This is a feature: it permits debugging randomized programs. As John von Neumann, who proposed pseudorandom number generators in his 1946 talk “Various Techniques Used in Connection With Random Digits,” explained:

We see then that we could build a physical instrument to feed random digits directly into a high-speed computing machine and could have the control call for these numbers as needed. The real objection to this procedure is the practical need for checking computations. If we suspect that a calculation is wrong, almost any reasonable check involves repeating something done before. At that point the introduction of new random numbers would be intolerable.

#### Supplying a seed with srand

If you want to get different sequences, you need to seed the random number generator using srand. A typical use might be:

#include <stdio.h>
#include <stdlib.h>
#include <time.h>

int
main(int argc, char **argv)
{
srand(time(0));
printf("%d\n", rand());
return 0;
}


examples/randomization/srandFromTime.c

Here time(0) returns the number of seconds since the epoch (00:00:00 UTC, January 1, 1970, for POSIX systems, not counting leap seconds). Note that this still might give repeated values if you run it twice in the same second, and it’s extremely dangerous if you expect to distribute your code to a lot of people who want different results, since two of your users are likely to run it twice in the same second. See the discussion of /dev/urandom below for a better method.

### Better pseudorandom number generators

There has been quite a bit of research on pseudorandom number generators over the years, and much better pseudorandom number generators than rand are available. Currently, the most widely used pseudorandom random number generator is Mersenne Twister, which runs about 4 times faster than rand in its standard C implementation and passes a much wider battery of statistical tests. Its English-language home page is at http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html. As with rand, you still need to provide an initial seed value.

There are also cryptographically secure pseudorandom number generators, of which the most famous is Blum Blum Shub. These cannot be predicted based on their output if seeded with a true random value (under certain cryptographic assumptions: hardness of factoring for Blum Blum Shub). Unfortunately, cryptographic PRNGs are usually too slow for day-to-day use.

### Random numbers without the pseudo

If you really need actual random numbers and are on a Linux or BSD-like operating system, you can use the special device files /dev/random and /dev/urandom. These can be opened for reading like ordinary files, but the values read from them are a random sequence of bytes (including null characters). A typical use might be:

#include <stdio.h>

int
main(int argc, char **argv)
{
unsigned int randval;
FILE *f;

f = fopen("/dev/random", "r");
fclose(f);

printf("%u\n", randval);

return 0;
}


examples/randomization/devRandom.c

(A similar construction can also be used to obtain a better initial seed for srand than time(0).)

Both /dev/random and /dev/urandom derive their random bits from physically random properties of the computer, like time between keystrokes or small variations in hard disk rotation speeds. The difference between the two is that /dev/urandom will always give you some random-looking bits, even if it has to generate extra ones using a cryptographic pseudo-random number generator, while /dev/random will only give you bits that it is confident are in fact random. Since your computer only generates a small number of genuinely random bits per second, this may mean that /dev/random will exhaust its pool if read too often. In this case, a read on /dev/random will block (just like reading a terminal with no input on it) until the pool has filled up again.

Neither /dev/random nor /dev/urandom is known to be secure against a determined attacker, but they are about the best you can do without resorting to specialized hardware.

### Range issues

The problem with rand is that getting a uniform value between 0 and 231 − 1 may not be what you want. It could be that RAND_MAX is be too small; in this case, you may have to call rand more than once and paste together the results. But there can be problems with RAND_MAX even if it is bigger than the values you want.

For example, suppose you want to simulate a die roll for your video craps machine, but you don’t want to get whacked by Johnny “The Debugger” when the Nevada State Gaming Commission notices that 6-6 is coming up slightly less often than it’s supposed to. A natural thing to try would be to take the output of rand mod 6:

int d6(void) {
return rand() % 6 + 1;
}


The problem here is that there are 231 outputs from rand, and 6 doesn’t divide 231. So 1 and 2 are slightly more likely to come up than 3, 4, 5, or 6. This can be particularly noticeable if we want a uniform variable from a larger range, e.g. [0…⌊(2/3) ⋅ 231⌋].

We can avoid this with a technique called rejection sampling, where we reject excess parts of the output range of rand. For rolling a die, the trick is to reject anything in the last extra bit of the range that is left over after the largest multiple of the die size. Here’s a routine that does this, returning a uniform value in the range 0 to n-1 for any positive n, together with a program that demonstrates its use for rolling dice:

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <time.h>

/* return a uniform random value in the range 0..n-1 inclusive */
int
randRange(int n)
{
int limit;
int r;

limit = RAND_MAX - (RAND_MAX % n);

while((r = rand()) >= limit);

return r % n;
}

int
main(int argc, char **argv)
{
int i;

srand(time(0));

for(i = 0; i < 40; i++) {
printf("%d ", randRange(6)+1);
}

putchar('\n');

return 0;
}


examples/randomization/randRange.c

More generally, rejection sampling can be used to get random values with particular properties, where it’s hard to generate a value with that property directly. Here’s a program that generates random primes:

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <time.h>

/* return 1 if n is prime */
int
isprime(int n)
{
int i;

if(n % 2 == 0 || n == 1) { return 0; }

for(i = 3; i*i <= n; i += 2) {
if(n % i == 0) { return 0; }
}

return 1;
}

/* return a uniform random value in the range 0..n-1 inclusive */
int
randPrime(void)
{
int r;

/* extra parens avoid warnings */
while(!isprime((r = rand())));

return r;
}

int
main(int argc, char **argv)
{
int i;

srand(time(0));

for(i = 0; i < 10; i++) {
printf("%d\n", randPrime());
}

return 0;
}


examples/randomization/randPrime.c

One temptation to avoid is to re-use your random values. If, for example, you try to find a random prime by picking a random x and trying x, x+1, x+2, etc., until you hit a prime, some primes are more likely to come up than others.

## Randomized algorithms

Randomized algorithms typically make random choices to get good average worst-case performance in situations where a similar deterministic algorithm would fail badly for some inputs but perform well on most inputs. The idea is that the randomization scrambles the input space so that the adversary can’t predict which possible input values will be bad for us. This still allows it to make trouble if it gets lucky, but most of the time our algorithm should run quickly.

This is essentially rejection sampling in disguise. Suppose that you want to find one of many needles in a large haystack. One approach is to methodically go through the straws/needles one at a time until you find a needle. But you may find that your good friend the adversary has put all the needles at the end of your list. Picking candidate at random is likely to hit a needle faster if there are many of them.

Here is a (silly) routine that quickly finds a number whose high-order bits match a particular pattern:

int
matchBits(int pattern)
{
int r;

while(((r = rand()) & 0x70000000) != (pattern & 0x70000000));

return r;
}


This will find a winning value in 8 tries on average. In contrast, this deterministic version will take a lot longer for nonzero patterns:

int
matchBitsDeterministic(int pattern)
{
int i;

for(i = 0; (i & 0x70000000) != (pattern & 0x70000000); i++);

return i;
}


The downside of the randomized approach is that it’s hard to tell when to quit if there are no matches; if we stop after some fixed number of trials, we get a Monte Carlo algorithm that may give the wrong answer with small probability. The usual solution is to either accept a small probability of failure, or interleave a deterministic backup algorithm that always works. The latter approach gives a Las Vegas algorithm whose running time is variable but whose correctness is not.

### Quickselect and quicksort

Quickselect, or Hoare’s FIND (Hoare, C. A. R. Algorithm 65: FIND, CACM 4(7):321–322, July 1961), is an algorithm for quickly finding the k-th largest element in an unsorted array of n elements. It runs in O(n) time on average, which is the best one can hope for (we have to look at every element of the array to be sure we didn’t miss a small one that changes our answer) and better than the O(nlog n) time we get if we sort the array first using a comparison-based sorting algorithm.

The idea is to pick a random pivot and divide the input into two piles, each of which is likely to be roughly a constant fraction of the size of the original input. It takes O(n) time to split the input up (we have to compare each element to the pivot once), and in the recursive calls this gives a geometric series. We can even do the splitting up in place if we are willing to reorder the elements of our original array.

If we recurse into both piles instead of just one, we get quicksort (Hoare, C. A. R. Algorithm 64: Quicksort. CACM 4(7):321, July 1961), a very fast and simple comparison-based sorting algorithm. Here is an implementation of both algorithms:

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>

/* reorder an array to put elements <= pivot
* before elements > pivot.
* Returns number of elements <= pivot */
static int
splitByPivot(int n, int *a, int pivot)
{
int lo;
int hi;
int temp;  /* for swapping */

assert(n >= 0);

/* Dutch Flag algorithm */
/* swap everything <= pivot to bottom of array */
/* invariant is i < lo implies a[i] <= pivot */
/* and i > hi implies a[i] > pivot */
lo = 0;
hi = n-1;

while(lo <= hi) {
if(a[lo] <= pivot) {
lo++;
} else {
temp = a[hi];
a[hi--] = a[lo];
a[lo] = temp;
}
}

return lo;
}

/* find the k-th smallest element of an n-element array */
/* may reorder elements of the original array */
int
quickselectDestructive(int k, int n, int *a)
{
int pivot;
int lo;

assert(0 <= k);
assert(k < n);

if(n == 1) {
return a;
}

/* else */
pivot = a[rand() % n];   /* we will tolerate non-uniformity */

lo = splitByPivot(n, a, pivot);

/* lo is now number of values <= pivot */
if(k < lo) {
return quickselectDestructive(k, lo, a);
} else {
return quickselectDestructive(k - lo, n - lo, a + lo);
}
}

/* sort an array in place */
void
quickSort(int n, int *a)
{
int pivot;
int lo;

if(n <= 1) {
return;
}

/* else */
pivot = a[rand() % n];   /* we will tolerate non-uniformity */

lo = splitByPivot(n, a, pivot);

quickSort(lo, a);
quickSort(n - lo, a + lo);
}

/* shuffle an array */
void
shuffle(int n, int *a)
{
int i;
int r;
int temp;

for(i = n - 1; i > 0; i--) {
r = rand() % i;
temp = a[r];
a[r] = a[i];
a[i] = temp;
}
}

#define N (1024)

int
main(int argc, char **argv)
{
int a[N];
int i;

srand(0);  /* use fixed value for debugging */

for(i = 0; i < N; i++) {
a[i] = i;
}

shuffle(N, a);

for(i = 0; i < N; i++) {
assert(quickselectDestructive(i, N, a) == i);
}

shuffle(N, a);

quickSort(N, a);

for(i = 0; i < N; i++) {
assert(a[i] == i);
}

return 0;
}


examples/randomization/quick.c

## Randomized data structures

Suppose we insert n elements into an initially-empty binary search tree in random order with no rebalancing. Then each element is equally likely to be the root, and all the elements less than the root end up in the left subtree, while all the elements greater than the root end up in the right subtree, where they are further partitioned recursively. This is exactly what happens in quicksort, so the structure of the tree will exactly mirror the structure of an execution of quicksort. In particular, the average depth of a node will be O(log n), giving us the same expected search cost as in a balanced binary tree.

The problem with this approach is that we don’t have any guarantees that the input will be supplied in random order, and in the worst case we end up with a linked list. The solution is to put the randomization into the algorithm itself, making the structure of the tree depend on random choices made by the program itself.

### Skip lists

A skip list (Pugh, 1990) is a randomized tree-like data structure based on linked lists. It consists of a level 0 list that is an ordinary sorted linked list, together with higher-level lists that contain a random sampling of the elements at lower levels. When inserted into the level i list, an element flips a coin that tells it with probability p to insert itself in the level i+1 list as well.

Searches in a skip list are done by starting in the highest-level list and searching forward for the last element whose key is smaller than the target; the search then continues in the same way on the next level down. The idea is that the higher-level lists act as express lanes to get us to our target value faster. To bound the expected running time of a search, it helps to look at this process backwards; the reversed search path starts at level 0 and continues going backwards until it reaches the first element that is also in a higher level; it then jumps to the next level up and repeats the process. On average, we hit 1 + 1/p nodes at each level before jumping back up; for constant p (e.g. 1/2), this gives us O(log n) steps for the search.

The space per element of a skip list also depends on p. Every element has at least one outgoing pointer (on level 0), and on average has exactly 1/(1 − p) expected pointers. So the space cost can also be adjusted by adjusting p. For example, if space is at a premium, setting p = 1/10 produces 10/9 pointers per node on average—not much more than in a linked list—but still gives O(log n) search time.

Below is an implementation of a skip list. To avoid having to allocate a separate array of pointers for each element, we put a length-1 array at the end of struct skiplist and rely on C’s lack of bounds checking to make the array longer if necessary. An empty head element stores pointers to all the initial elements in each level of the skip list; it is given the fake key INT_MIN so that searches for values less than any in the list will report this value. Aside from these nasty tricks, the code for search and insertion is pretty straightforward. Code for deletion is a little more involved, because we have to make sure that we delete the leftmost copy of a key if there are duplicates (an alternative would be to modify skiplistInsert to ignore duplicates).

#include <stdlib.h>
#include <assert.h>
#include <limits.h>

#include "skiplist.h"

#define MAX_HEIGHT (32)

struct skiplist {
int key;
int height;                /* number of next pointers */
struct skiplist *next;  /* first of many */
};

/* choose a height according to a geometric distribution */
static int
chooseHeight(void)
{
int i;

for(i = 1; i < MAX_HEIGHT && rand() % 2 == 0; i++);

return i;
}

/* create a skiplist node with the given key and height */
/* does not fill in next pointers */
static Skiplist
skiplistCreateNode(int key, int height)
{
Skiplist s;

assert(height > 0);
assert(height <= MAX_HEIGHT);

s = malloc(sizeof(struct skiplist) + sizeof(struct skiplist *) * (height - 1));

assert(s);

s->key = key;
s->height = height;

return s;
}

/* create an empty skiplist */
Skiplist
skiplistCreate(void)
{
Skiplist s;
int i;

/* s is a dummy head element */
s = skiplistCreateNode(INT_MIN, MAX_HEIGHT);

/* this tracks the maximum height of any node */
s->height = 1;

for(i = 0; i < MAX_HEIGHT; i++) {
s->next[i] = 0;
}

return s;
}

/* free a skiplist */
void
skiplistDestroy(Skiplist s)
{
Skiplist next;

while(s) {
next = s->next;
free(s);
s = next;
}
}

/* return maximum key less than or equal to key */
/* or INT_MIN if there is none */
int
skiplistSearch(Skiplist s, int key)
{
int level;

for(level = s->height - 1; level >= 0; level--) {
while(s->next[level] && s->next[level]->key <= key) {
s = s->next[level];
}
}

return s->key;
}

/* insert a new key into s */
void
skiplistInsert(Skiplist s, int key)
{
int level;
Skiplist elt;

elt = skiplistCreateNode(key, chooseHeight());

assert(elt);

if(elt->height > s->height) {
s->height = elt->height;
}

/* search through levels taller than elt */
for(level = s->height - 1; level >= elt->height; level--) {
while(s->next[level] && s->next[level]->key < key) {
s = s->next[level];
}
}

/* now level is elt->height - 1, we can start inserting */
for(; level >= 0; level--) {
while(s->next[level] && s->next[level]->key < key) {
s = s->next[level];
}

/* s is last entry on this level < new element */
/* do list insert */
elt->next[level] = s->next[level];
s->next[level] = elt;
}
}

/* delete a key from s */
void
skiplistDelete(Skiplist s, int key)
{
int level;
Skiplist target;

/* first we have to find leftmost instance of key */
target = s;

for(level = s->height - 1; level >= 0; level--) {
while(target->next[level] && target->next[level]->key < key) {
target = target->next[level];
}
}

/* take one extra step at bottom */
target = target->next;

if(target == 0 || target->key != key) {
return;
}

/* now we found target, splice it out */
for(level = s->height - 1; level >= 0; level--) {
while(s->next[level] && s->next[level]->key < key) {
s = s->next[level];
}

if(s->next[level] == target) {
s->next[level] = target->next[level];
}
}

free(target);
}


examples/trees/skiplist/skiplist.c

Here is the header file, Makefile, and test code: skiplist.h, Makefile, test_skiplist.c.

### Universal hash families

Randomization can also be useful in hash tables. Recall that in building a hash table, we are relying on the hash function to spread out bad input distributions over the indices of our array. But for any fixed hash function, in the worst case we may get inputs where every key hashes to the same location. Universal hashing (Carter and Wegman, 1979) solves this problem by choosing a hash function at random. We may still get unlucky and have the hash function hash all our values to the same location, but now we are relying on the random number generator to be nice to us instead of the adversary. We can also rehash with a new random hash function if we find out that the one we are using is bad.

The problem here is that we can’t just choose a function uniformly at random out of the set of all possible hash functions, because there are too many of them, meaning that we would spend more space representing our hash function than we would on the table. The solution is to observe that we don’t need our hash function h to be truly random; it’s enough if the probability of collision Pr[h(x) = h(y)] for any fixed keys x ≠ y is 1/m, where m is the size of the hash table. The reason is that the cost of searching for x (with chaining) is linear in the number of keys already in the table that collide with it. The expected number of such collisions is the sum of Pr[h(x) = h(y)] over all keys y in the table, or n/m if we have n keys. So this pairwise collision probability bound is enough to get the desired n/m behavior out of our table. A family of hash function with this property is called universal.

How do we get a universal hash family? For strings, we can use a table of random values, one for each position and possible character in the string. The hash of a string is then the exclusive or of the random values hashArray[i][s[i]] corresponding to the actual characters in the string. If our table has size a power of two, this has the universal property, because if two strings x and y differ in some position i, then there is only one possible value of hashArray[i][y[i]] (mod m) that will make the hash functions equal.

Typically to avoid having to build an arbitrarily huge table of random values, we only has an initial prefix of the string. Here is a hash function based on this idea, which assumes that the d data structure includes a hashArray field that contains the random values for this particular hash table:

static unsigned long
hash_function(Dict d, const char *s)
{
unsigned const char *us;
unsigned long h;
int i;

h = 0;

us = (unsigned const char *) s;

for(i = 0; i < HASH_PREFIX_LENGTH && us[i] != '\0'; i++) {
h ^= d->hashArray[i][us[i]];
}

return h;
}


A modified version of the Dict hash table from the chapter on hash tables that uses this hash function is given here: dict.c, dict.h, test_dict.c, Makefile.