Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

If crypto.randomBytes is cryptographically strong, is it safe to use as an RNG (and how?)

If crypto.randomBytes is cryptographically strong, is it safe to use as an RNG (and how?)

Problem

So in the docs, crypto.randomBytes is described as "Generat[ing] Cryptographically Strong pseudo-random data". I assume it read off dev/random via openssl.

Now, does that mean it's safe to scale the random byte range to an integer range, as described in: Scaling Random Bytes to Selected Integer Range ?

My understanding was that somehow only something along the lines of a device reading atmospheric noise in three different locations would be genuinely cryto-Strong.

Problem courtesy of: Stephan Tual

Solution

For actual random numbers, you need some hardware device.

However, Cryptographically strong pseudo-random numbers (which this API says it guarantees) should be good enough for most purposes. In particular, they cannot be predicted (this is what cryptographically strong means) or a sample distinguished from a truly random sample.

Solution courtesy of: Thilo

Discussion

View additional discussion.



This post first appeared on Node.js Recipes, please read the originial post: here

Share the post

If crypto.randomBytes is cryptographically strong, is it safe to use as an RNG (and how?)

×

Subscribe to Node.js Recipes

Get updates delivered right to your inbox!

Thank you for your subscription

×