After dealing with the seeding of srand()
, I’ve realized that rand()
just doesn’t give strong enough random numbers for some of my needs (e.g. strong password generator), so I decided to find a better solution. The solution came in the form of Random
, a cryptography strong pseudo-random number generator class.
Building a cryptography strong pseudo-random number generator would require doing a lot of research and using complex entropy algorithms, meaning that it would be hard for me to implement in a reasonable amount of time and effort. Fortunately, Linux provides a special file that provides an interface for the kernel’s random number generator (some other operating systems such as BSD and Mac OS X provides it too), which is suitable for uses that require high-quality randomness such as cryptography. So I’ve decided to take a different approach, I’ve written a class that hooks up to /dev/random
and /dev/urandom
(that does basically the same thing as /dev/random
but doesn’t block, and provides random numbers of inferior randomness when entropy levels are low).
The class that I wrote, Random
provides an easy to use interface to /dev/random
and /dev/urandom
, allowing the programmer to use high quality random numbers from the kernel’s random number generator without worrying about complex implementation. The class provides methods for getting random unsigned integers, real (double) numbers from 0 to 1 (including) and getting random unsigned integers in a specified range.
The class implementation is well documented and includes full Doxygen documentation.
The class is released under the terms of the MIT license, so feel free to use and modify it (if you do modify I would appreciate if you send me a note about what you changed).
/**
* \file random.h
* \author Guy Rutenberg <guyrutenberg@gmail.com>
* \version 1.0
* \date 2007
*
* Header file for Random.
*
* License: The MIT License (included in the file).
*/
/*****************************************************************************
The MIT License
Copyright (c) 2007 Guy Rutenberg
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*****************************************************************************/
#ifndef __RANDOM_H__
#define __RNADOM_H__
#define DEVRANDOMERROR 1;
#include <iostream>
#include <fstream>
using namespace std;
/**
* \brief Interface for strong integer random number generators.
*
* Random number generators provided by this class are base on
* /dev/random and /dev/urandom.
*/
class Random {
private:
ifstream m_random;
ifstream m_urandom;
public:
inline Random();
inline unsigned int secure();
inline unsigned int strong();
inline double secure_real();
inline double strong_real();
inline unsigned int secure_range(unsigned int x);
inline unsigned int strong_range(unsigned int x);
};
inline Random::Random()
{
m_random.open("/dev/random",ios::in|ios::binary);
m_urandom.open("/dev/urandom",ios::in|ios::binary);
if (!m_random || !m_urandom)
throw DEVRANDOMERROR;
}
/**
* \brief Generates secure, cryptography strong random numbers.
*
* Uses /dev/random to generate cryptography strong random numbers.
* \note This function may take a long time to return if system entropy levels
* are low as /dev/random will block.
* \return randomly generated unsigned int.
*/
inline unsigned int Random::secure()
{
unsigned int num = 0;
m_random.read((char*)&num, sizeof(unsigned int));
return num;
}
/**
* \brief Generates strong pseudo random numbers.
*
* Uses /dev/urandom to generate strong random numbers. Unlike
* Random::secure() this function won't block if entropy levels are low but
* instead it will generate random numbers with lower randomness level.
*/
inline unsigned int Random::strong()
{
unsigned int num = 0;
m_urandom.read((char*)&num, sizeof(unsigned int));
return num;
}
/**
* \brief Generates secure pseudo random real number.
*
* Uses /dev/random to generate secure random real numbers between 0 and 1.
*/
inline double Random::secure_real()
{
return (double)secure()/(unsigned int)(-1);
}
/**
* \brief Generates strong pseudo random real number.
*
* Uses /dev/urandom to generate strong random real numbers between 0 and 1.
*/
inline double Random::strong_real()
{
return (double)strong()/(unsigned int)(-1);
}
/**
* \brief Generates secure pseudo random number in a limited range.
*
* Uses /dev/random to generate secure random real numbers between 0 and 1.
* \param x [unsigned int] random numbers will be generated between 0 and x-1 (including).
*/
inline unsigned int Random::secure_range(unsigned int x)
{
// we do mod x to handle the extreme case secure_real() returns 1
return (unsigned int)(secure_real() * x)%x;
}
/**
* \brief Generates strong pseudo random number in a limited range.
*
* Uses /dev/random to generate secure random real numbers between 0 and 1.
* \param x [unsigned int] random numbers will be generated between 0 and x-1 (including).
*/
inline unsigned int Random::strong_range(unsigned int x)
{
// we do mod x to handle the extreme case secure_real() returns 1
return (unsigned int)(strong_real() * x)%x;
}
#endif /*__RANDOM_H__*/
does this code work on Window?
I don’t think so. This code surely works on Linus, and should also work on BSD and other Unix flavors. This code might also work on Mac OS X (but I haven’t tested). But sure it won’t work on windows as Windows doesn’t have a /dev/random random number generator.
hey great this is just what i was looking for! just for seeding pourposes in a cluster. Ill test it!
Carlos
yup, its working!!!!
Thanks
Hi Carlos,
I’m glad you found this class useful.
Good stuff … exactly what I was looking for. Nice and clean.
On Windows there is the CryptGenRandom function which fills a buffer with cryptographically random bytes.