random, urandom - Strong random number generator device





     The /dev/random and /dev/urandom  files  are  special  files
     that  are  a source for random bytes generated by the kernel
     random  number  generator  device.   The   /dev/random   and
     /dev/urandom  files  are suitable for applications requiring
     high quality random numbers for cryptographic purposes.

     The generator device produces random numbers from  data  and
     devices available to the kernel and estimates  the amount of
     randomness (or "entropy") collected from these sources.  The
     entropy  level  determines the amount of high quality random
     numbers that are produced at a given time.

     Applications retrieve random bytes by reading /dev/random or
     /dev/urandom. The /dev/random interface returns random bytes
     only when sufficient amount of entropy has  been  collected.
     If  there  is  no entropy to produce the requested number of
     bytes,  /dev/random  blocks  until  more  entropy   can   be
     obtained.  Non-blocking  I/O mode can be used to disable the
     blocking behavior. The /dev/random interface  also  supports
     poll(2). Note that using poll(2) will not increase the speed
     at which random numbers can be read.

     Bytes retrieved from /dev/random provide the highest quality
     random numbers produced by the generator, and can be used to
     generate  long  term  keys  and  other  high  value   keying

     The  /dev/urandom interface returns bytes regardless of  the
     amount  of  entropy  available.  It does not block on a read
     request due to lack of entropy. While bytes produced by  the
     /dev/urandom  interface are of lower quality than bytes pro-
     duced by /dev/random, they are nonetheless suitable for less
     demanding  and shorter term cryptographic uses such as short
     term session keys, paddings, and challenge strings.

     Data can be written to /dev/random  and  /dev/urandom.  Data
     written  to  either special file is added to the generator's
     internal state. Data that is difficult to predict  by  other
     users  may  contribute randomness to the generator state and
     help improve the quality of future generated random numbers.

     By default, write access is restricted to the super-user. An
     administrator  may change the default read/write restriction
     by changing  the  permissions  on  the  appropriate  special


                O_NDELAY or O_NONBLOCK  was  set  and  no  random
                bytes are available for reading from /dev/random.

          EINTR A signal was caught while reading and no data was





     See attributes(5) for descriptions of the  following  attri-

   |        ATTRIBUTE TYPE       |        ATTRIBUTE VALUE      |
   | ____________________________|_____________________________|_
   |  Availability               |   SUNWcsr (32-bit)          |
   | ____________________________|_____________________________|_
   |                             |   SUNWcarx (64-bit)         |
   | Interface Stability         | Evolving                    |


     poll(2), attributes(5)


     An  implementation  of  the  /dev/random  and   /dev/urandom
     kernel-based random number generator first appeared in Linux

     A /dev/random interface for Solaris first appeared  as  part
     of the CryptoRand implementation.

Man(1) output converted with man2html