Random Number Generation in Crypto

Why cryptography lives or dies on unpredictable randomness, not ordinary random functions.

Randomness Is The Foundation

Keys, nonces, salts, and initialization vectors all depend on unpredictable randomness. If an attacker can guess these values, even perfect algorithms collapse.

Two Kinds Of Random

  • An ordinary pseudorandom generator is fast and statistically random, but predictable if you know its seed or state. It is fine for simulations, never for keys.
  • A cryptographically secure generator, a CSPRNG, is designed so that observing past outputs gives no advantage in predicting future ones.

Where Entropy Comes From

A CSPRNG is seeded from the operating system entropy pool, which gathers unpredictability from hardware events and dedicated hardware sources. The OS interface is the right place to draw secure random bytes.

Common Failures

  • Seeding with the current time or a fixed value makes keys guessable.
  • Reusing a generator state across processes can repeat nonces.
  • A generator that is poorly seeded at boot, before entropy is gathered, can produce predictable output.

Always use the platform CSPRNG interface, never a language's ordinary random function, for any security value.
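
The time-seeding failure above, as an added example that is not part of the original lesson: a 128-bit key from a time-seeded ordinary generator has only as many possible values as there are plausible timestamps, while a key from the OS CSPRNG has no seed to find. The function names, the one-hour window, and the timestamps are assumptions constructed for illustration.

```python
import random
import secrets


def weak_key(seed: int, nbytes: int = 16) -> bytes:
    """Anti-pattern: key bytes from an ordinary PRNG seeded with a timestamp."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(nbytes))


def find_seed(key: bytes, around: int, window: int = 3600):
    """Return the seed in [around - window, around] that reproduces key, else None.

    The whole search is window + 1 candidates, no matter how long the key is.
    """
    for candidate in range(around - window, around + 1):
        if weak_key(candidate, len(key)) == key:
            return candidate
    return None


def strong_key(nbytes: int = 16) -> bytes:
    """Key bytes from the OS CSPRNG (the secrets module wraps os.urandom)."""
    return secrets.token_bytes(nbytes)


# Constructed sample values: when the key was made, and a reviewer's rough
# estimate of that time (off by about 20 minutes).
ISSUED_AT = 1_700_000_000
ESTIMATE = ISSUED_AT + 1234

if __name__ == "__main__":
    print("time-seeded key, seed found:", find_seed(weak_key(ISSUED_AT), ESTIMATE))
    print("OS CSPRNG key, seed found:  ", find_seed(strong_key(), ESTIMATE))
```
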

Key idea

Cryptographic security depends on drawing keys, nonces, and salts from a properly seeded CSPRNG backed by operating system entropy, because predictable randomness from an ordinary generator breaks even flawless algorithms.

Check yourself

1. Why is an ordinary pseudorandom generator unsafe for keys?

2. What property defines a CSPRNG?

3. Where should secure random bytes come from?