Librandombytes – a public domain library for generating randomness

82 points by tkhattra over 2 years ago

8 comments

josephg over 2 years ago
How does this compare to what you get from one of the CSPRNGs in Rust's rand crate? I'm not sure when I'd use this.

https://rust-random.github.io/book/guide-rngs.html#cryptographically-secure-pseudo-random-number-generators-csprngs
jcrites over 2 years ago
Are there any methods of generating randomness on common platforms — Linux (raw or VM), Windows, macOS — that are suitable for use as a cryptographic one-time pad?

The definition of this library function seems to suggest that it's suitable:

> librandombytes aims for the following stringent randomness goal: no feasible computation will ever be able to tell the difference between the output bytes and true randomness (independent uniformly distributed random bytes).

However, my understanding is that PRNGs are not a suitable source of randomness for one-time pads; that this would reduce OTP encryption to being something like an ad hoc stream cipher.

So some implementations that might look random wouldn't actually provide a suitable bitstream for this purpose: the bits in the output would be correlated, if in a complex, cryptographically obscure way. (But bits in a one-time pad should all be entirely random and uncorrelated.)

Is that accurate?

Do modern PCs have an efficient way to produce meaningful amounts of true stochastic random data suitable for use with OTP encryption (such as the RDRAND instruction)? What are some good abstractions for producing a stream of random data suitable for use with OTP cryptography?

Edit: this is a question for the sake of curiosity. I realize that practical systems have many threat vectors and that OTP is not a panacea, or even necessarily an improvement.
dogeprotocol over 2 years ago
Can anyone recommend between Librandombytes and libsodium randombytes?

https://github.com/jedisct1/libsodium/tree/master/src/libsodium/randombytes
benj111 over 2 years ago
When are we going to get a distributed peer-to-peer randomness service?

I could roll a die in return for $random cryptocurrency.

Obviously the amount could vary depending on the amount of randomness. So me thinking of a random number would get less than a die roll, which would get less than this comment.
throwaway81523 over 2 years ago
This is a randomness distillation function that gets entropy from a system source like Linux getrandom() or the OpenSSL RNG. It's nice, but it is purely computational. It doesn't harvest entropy on its own, if that is what you were hoping.
olliej over 2 years ago
arc4random() has existed to produce cryptographically random values for well over a decade (and despite the name, on Mac at least it is not RC4-based, and I assume Linux is the same). Additionally, Windows and Darwin/xnu have APIs to get large arrays of random values, and I again will just assume Linux does too. This library should not be doing anything other than wrapping the specific API provided by the host platform.
1vuio0pswjnm7 over 2 years ago
Small program to generate random bytes to stdout, using the original 2008 randombytes() function that presumably inspired librandombytes.

Usage:

    a.out number_of_bytes

For example,

    a.out 128 > data
    od -tx1 -An < data

Taken from public domain source code by djb and jmojzis. Tested on Void Linux with musl.

    #include <stdlib.h>
    #include <unistd.h>
    #include <sys/types.h>
    #include <fcntl.h>
    #include <poll.h>
    #include <errno.h>
    #include <sys/stat.h>

    /* parse a signed decimal integer with overflow detection; returns 1 on success, 0 on failure */
    int strtonum(long long *,const char *);
    int strtonum(long long *r,const char *buf){
      char *bufpos=(char *)buf;
      int flagsign=0;
      long long i;
      unsigned long long c,ret=0;
      if (!buf) goto failed;
      switch(buf[0]){
        case 0: goto failed;break;
        case '+': ++bufpos;break;
        case '-': flagsign=1;++bufpos;break;
        default: break;
      }
      for(i=0;bufpos[i];++i){
        c=bufpos[i]-'0';        /* wraps to a huge unsigned value for non-digits; caught by c>9 */
        if(c<0||c>9)break;
        c+=10*(ret);
        if(ret>c)goto failed;   /* multiplication overflowed */
        ret=c;
      }
      if(i==0)goto failed;
      if(flagsign){*r=-ret;if(*r>0)goto failed;}
      else{*r=ret;if(*r<0)goto failed;}
      return 1;
      failed:
      *r=0;
      errno=EINVAL;
      return 0;
    }

    /* write the whole buffer, retrying short writes and EINTR/EAGAIN */
    int writeall(int,const void *,long long);
    int writeall(int fd,const void *xv,long long xlen)
    {
      const unsigned char *x=xv;
      long long w;
      while(xlen>0){
        w=xlen;
        if(w>1048576)w=1048576;
        w=write(fd,x,w);
        if(w<0){
          if(errno==EINTR||errno==EAGAIN||errno==EWOULDBLOCK){
            struct pollfd p;p.fd=fd;p.events=POLLOUT|POLLERR;
            poll(&p,1,-1);continue;
          }
          return -1;
        }
        x += w;
        xlen -= w;
      }
      return 0;
    }

    void randombytes(unsigned char *,unsigned long long);

    /* it's really stupid that there isn't a syscall for this */
    static int fd = -1;

    /* fill x with xlen bytes from /dev/urandom, retrying until the request is satisfied */
    void randombytes(unsigned char *x,unsigned long long xlen)
    {
      int i;
      if(fd==-1){
        for(;;){
          fd=open("/dev/urandom",O_RDONLY);
          if(fd!=-1)break;
          sleep(1);
        }
      }
      while(xlen>0){
        if(xlen<1048576)i=xlen;else i=1048576;
        i=read(fd,x,i);
        if(i<1){sleep(1);continue;}
        x+=i;xlen-=i;
      }
    }

    /* fsync only when fd is a regular file; pipes and ttys would fail the call */
    int fsyncfd(int);
    int fsyncfd(int fd){
      struct stat st;
      if(fstat(fd,&st)==0&&S_ISREG(st.st_mode)){
        if(fsync(fd)==-1)return -1;}
      return 0;
    }

    void byte_zero(void *,long long);
    void byte_zero(void *yv,long long ylen){
      long long i;char *y=yv;
      for(i=0;i<ylen;++i)y[i]=0;
    }

    static unsigned char buf[4096];

    int main(int argc,char **argv){
      long long i,l;
      if(!strtonum(&l,argv[1])||l<0)exit(0);   /* strtonum rejects a NULL argv[1] when no argument is given */
      byte_zero(buf,sizeof buf);
      while(l>0){
        i=l;
        if(i>sizeof buf)i=sizeof buf;
        randombytes(buf,i);
        if(writeall(1,buf,i)==-1)exit(0);
        l-=i;
      }
      if(fsyncfd(1)==-1)exit(0);
      exit(0);
    }
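A portable randombytes() along the lines olliej argues for: it wraps the host CSPRNG API (getrandom() on Linux, arc4random_buf() on macOS and the BSDs) and only falls back to reading /dev/urandom, as the program above does, when no such API exists. This is an added example, not code from librandombytes or libsodium; the names randombytes_os, fill_from_dev_urandom and randombytes_selftest are mine.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#if defined(__linux__)
#include <sys/random.h>
#endif
/* Last resort: /dev/urandom, refusing anything that is not a character device. */
static int fill_from_dev_urandom(unsigned char *x, size_t n)
{
    struct stat st;
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) { close(fd); return -1; }
    while (n > 0) {
        ssize_t r = read(fd, x, n);
        if (r < 0 && errno == EINTR) continue;
        if (r <= 0) { close(fd); return -1; }
        x += r; n -= (size_t)r;
    }
    close(fd);
    return 0;
}
/* Fill x[0..n) from the OS CSPRNG: 0 on success, -1 on failure (never partial). */
int randombytes_os(unsigned char *x, size_t n)
{
#if defined(__linux__)
    while (n > 0) {                  /* getrandom() may return short or EINTR */
        ssize_t r = getrandom(x, n, 0);
        if (r < 0 && errno == EINTR) continue;
        if (r < 0 && errno == ENOSYS) break;   /* pre-3.17 kernel: fall back */
        if (r < 0) return -1;
        x += r; n -= (size_t)r;
    }
#elif defined(__APPLE__) || defined(__OpenBSD__) || defined(__FreeBSD__)
    arc4random_buf(x, n);            /* cannot fail; not RC4-based on current systems */
    n = 0;
#endif
    return n == 0 ? 0 : fill_from_dev_urandom(x, n);
}
/* Self-check: two 300-byte draws (>256 exercises the loop) succeed and differ. */
int randombytes_selftest(void)
{
    unsigned char a[300], b[300];
    if (randombytes_os(a, sizeof a) != 0 || randombytes_os(b, sizeof b) != 0) return 0;
    return memcmp(a, b, sizeof a) != 0;
}
```

Unlike the program above, a failed or short read is reported to the caller rather than retried forever, and the /dev/urandom path checks it really opened a device node.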
remram over 2 years ago
Is there an actual license file somewhere? Not only is the title of the page not necessarily authoritative enough, but public-domain dedication is not a thing in many countries, which is why CC0 exists.