/dev/random
and /dev/urandom
./dev/random
file (the limited blocking random generator) returns entropy from the kernel's entropy pool (collected noise) and blocks when the entropy pool is empty until additional environmental noise is gathered./dev/urandom
file (the unlimited non-blocking random generator) returns entropy from the kernel's entropy pool or a pseudo-random data, generated from previously collected environmental noise, which is also unpredictable, but is based on secure entropy "stretching" algorithm.RdRand
, which return a random integer into one of the CPU registers./dev/random
and /dev/urandom
sources of randomness are secure enough for most cryptographic purposes and most cryptographic libraries access them internally.BCryptGenRandom
function from the Cryptography API: Next Generation (CNG) or higher level crypto libraries.System.Security.Cryptography.RandomNumberGenerator.Create()
from .NET Framework or .NET Core.os.urandom()
or the secrets
library.java.security.SecureRandom
system class.window.crypto.getRandomValues(Uint8Array)
for client side (in the Web browser) or crypto.randomBytes()
or external module like node-sodium
for server-side (in Node.js).Math.random()
or similar insecure RNG functions for cryptographic purposes!