Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
RANDOM(4)	       FreeBSD Kernel Interfaces Manual		     RANDOM(4)

     random, urandom --	random data source device

     The urandom device	produces high quality pseudo-random output data	with-
     out ever blocking.

     Entropy data stored previously is provided	to the kernel during the boot
     sequence and used as inner-state of a stream cipher.  High	quality	data
     is	available immediately upon kernel startup.  System activity (such as
     disk, network, and	clock device interrupts), and hardware random genera-
     tor output	is collected, whitened with a crc and hash, then periodically
     folded together with stream cipher	inner-state and	outer-state to create
     a new inner state.	 Reads from all	consumers (including the kernel	it-
     self, which makes many requests per second) are sliced from the same out-
     put stream, which carves the stream cipher	output unpredictably and helps
     improve forward and backtracking protection beyond	the strength of	the
     stream cipher.

     The urandom device	is intended to be used in scripts.  In C programs, use
     the arc4random(3) family of functions instead, which can be called	in al-
     most all coding environments, including pthreads(3), chroot(2),
     pledge(2),	and unveil(2), and which avoids	accessing a filesystem device
     every time.

     For portability reasons, never use	/dev/random.  On OpenBSD, it is	an
     alias for /dev/urandom, but on many other systems misbehaves by blocking
     because their random number generators lack a robust boot-time initial-
     ization sequence.


     arc4random(3), amdpm(4), glxsb(4),	pchb(4), arc4random(9)

     A random device first appeared in Linux in	1994.  The random and urandom
     devices have been available since OpenBSD 2.0.

FreeBSD	13.0			 May 29, 2020			  FreeBSD 13.0


Want to link to this manual page? Use this URL:

home | help