What is the best replacement for Windows' rand_s in Linux/POSIX?
https://stackoverflow.com/questions/120206
-
02-07-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
The problem is not about randomness itself (we have rand), but in cryptographically secure PRNG. What can be used on Linux, or ideally POSIX? Does NSS have something useful?
Clarification: I know about /dev/random, but it may run out of entropy pool. And I'm not sure whether /dev/urandom is guaranteed to be cryptographically secure.
Solution
Use /dev/random (requires user input, eg mouse movements) or /dev/urandom. The latter has an entropy pool and doesn't require any user input unless the pool is empty.
You can read from the pool like this:
char buf[100];
FILE *fp;
if (fp = fopen("/dev/urandom", "r")) {
fread(&buf, sizeof(char), 100, fp);
fclose(fp);
}
Or something like that.
OTHER TIPS
From Wikipedia (my italics):
A counterpart to /dev/random is /dev/urandom ("unlocked" random source) which reuses the internal pool to produce more pseudo-random bits. This means that the call will not block, but the output may contain less entropy than the corresponding read from /dev/random. The intent is to serve as a cryptographically secure pseudorandom number generator. This may be used for less secure applications.
The /dev/random device is intended to be a source of cryptographically secure bits.
