using /dev/random

RW fbsd06 at
Tue Sep 23 12:55:03 UTC 2008

On Tue, 23 Sep 2008 00:51:02 -0700
"Ted Mittelstaedt" <tedm at> wrote:

> The canonical way is to use the functions random(), or srandom()
> or srandomdev() or arc4random() depending on what
> you need the random data for.   /dev/random is really only
> useful for seeding these functions (some of them pull data
> from /dev/random internally)

It depends what you are trying to achieve, random and srandom aren't 
considered to be cryptographically secure. The userland version of
arc4random()  (which is RC4) is probably OK, but  it's known to be
distinguishable from random, which is technically a break.  The kernel
version is much less secure, because it's not guaranteed to be seeded

For non-trivial Monte-Carlo work you're better-off with something
intended for the purpose, such as the Mersenne Twister.

>   The device has thus been optimized
> for seed generation to feed these other functions.

It wasn't, it was designed to be a fast and secure all-round random
number generator.
> If you really want to roll-your-own and not use these functions
> then you could read blocks from /dev/random and run
> a Chi-square and Monte Carlo test on each
> block and discard the ones that don't pass.
> I've done my experimenting with the ENT program:

I'm sceptical about this, if Rijndael in counter-mode produced output
that's distinguishable from random numbers over a few thousand bytes it
would surely never have made it into the AES competition, let alone win

More information about the freebsd-questions mailing list