We have built our site from the ground up to provide our players with the safest and highest quality site on which to play poker. World renown tournament directors Jack McClelland and Jim Albrecht have worked with us to ensure the integrity of the game and many of the world's top professional players have endorsed our efforts. Further, we are highly confident that the systems used for Random Number Generation (RNG), and the card-shuffling algorithm that utilizes those numbers, are not only the most advanced and reliable within the online poker community that it would be difficult to find better in ANY application.
Here is a brief overview of the system that we use, and the methods by which we've approached RNG and card shuffling:
Several competitors have experienced serious problems with pseudo-random number generation (PRNG). In some cases these problems have compromised the security of their systems (see article about ASF Software's PRNG flaw here
). Some competitors in the online gaming market attempt to provide RNG by starting with a 32-bit seed for a PRNG. Unfortunately, this method provides only a very small set of outcomes in comparison to the randomness required for truly random shuffled decks of cards. Because of this, they tend to use shuffle algorithms that attempt to work around the quality limitations of the PRNG that they are using. Sites that shuffle cards utilizing a PRNG with a 32-bit seed, will only be able to produce 4,294,967,296 possible shuffles, or merely 0.000000000000000000000000000000000000000000000000 000000005% (or 5 x 10-57%) of the possible ways to shuffle a deck. More importantly, however, the combination of the use of a PRNG and relatively small seeds (or even large seeds that are not sufficiently random) and faulty shuffling algorithms can allow a determined individual to predict the order of the remaining cards in a deck after seeing the first several cards that are dealt.
Our approach is to forgo pseudo-random number generation wherever possible and instead use true random number generation from proven random physical devices. Our system utilizes thermal noise on a zener diode - shielded to prevent any environmental interference. The characteristics of this device are governed by the laws of quantum physics and are provably non-deterministic. Through the use of true random numbers and our shuffling algorithm (see below), we ensure first that it is impossible to predict the next card coming off the deck, and second that every possible shuffle combination is equally likely, all 8.06581751709439 X 1067 of them or 80,658,175,170,943,900,000, 000,000,000,000,000,000,000, 000,000,000,000,000, 000,000,000,000.
Despite the fact that the device we use is largely held to provide sufficient randomness, our security software team was concerned with making the output from the devices even more quantifiably random and fault-tolerant than a simple single-device configuration by custom-designing the following features into our system:
- We follow all recommendations of the device manufacturer as to obtaining the highest quality random bit stream per device;
- Rather than just trusting that the raw data collected from the device is random, we test the quality of each sample from the device and reject samples which do not conform to (U.S.) Federal Information Processing Standards (FIPS) Publication 140-2 - Security Requirements for Cryptographic Modules, section 4.9.1 Power-On Tests, as published by the National Institute of Standards and Technology (NIST);
- These tests are performed for every sample collected;
- Samples that do not pass the test are not forwarded on to the mixer;
- We use two of the devices per hardware host and then mix their random streams via cryptographically-secure whitening functions, relieving any device-specific bias - or any other bias for that matter;
- The resultant output stream has been verified as appearing to be completely random over 100 runs of the DIEHARD and ent random verification test suites;
- Procedures are in place to replace faulty devices at the first sign of trouble, before gameplay can be adversely affected in any way;
- DIEHARD and ent were also used to verify randomness in situations where one of the devices is failing to produce high quality samples (i.e. a higher than nominal rejection rate due to FIPS-test failures).
Our shuffling algorithm samples the stream of random numbers that is generated only when a card needs to be dealt or the deck needs to be reset between hands, thereby interleaving samples from all running games.
To enhance the security of our random number infrastructure, the samples from the random stream are encrypted using a secure stream cipher prior to being used to select cards. This step does not in any way reduce the entropy inherent in the stream.
The previous two components of our system insure that even if a person could access the system and the random number stream, or corrupt the random stream, it would still be EXTREMELY difficult to reliably determine the numbers actually used in the shuffle algorithm!
The length of time that any particular number in the random stream is a candidate to be used to select a card to be dealt is very short.
The algorithm used to select the next card to be dealt absolutely assures that every remaining card in the deck is exactly equally likely to be chosen.
When starting a new hand, the deck is never presented for play in a known state and the deck is never returned to a known state between hands, or at any other time.