Random Numbers in OpenBSD

Kjell Wooding | 2003-01-11

This is a work in progress. Of course, on the Internet, what isn't?

Quick Overview of Random Devices

There are several devices available under OpenBSD that provide random number generation support.

/dev/random
Reserved for hardware RNG support
/dev/srandom
The strongest random number source. If sufficient entropy is not available, this device will pause, making it unsuitable for timing-critical applications. Because this is the strongest random source available, it should be used sparingly (i.e., for key material).
/dev/arandom
ARC4 pseudo-random output generator. This device is regularly re-seeded from the strong random entropy pool, making it likely the best source of general-purpose randomness. Furthermore, it guarantees no two users on the same machine will receive the same data, making it useful for cryptographic applications such as OpenSSL.
/dev/urandom
Another strong source of random (entropy pool) data. When entropy runs low, however, this device will continue to generate output. This means that strong randomness is not guaranteed.
/dev/prandom
A simple pseudo-random generator. This should likely not be used for cryptographic purposes.

pintday.org » Fresh every Tuesday.