0Pricing
Cryptology Academy · Lesson

Cryptographically Secure PRNGs

Explore /dev/urandom, ChaCha20-CSPRNG, and Fortuna.

CSPRNG Requirements Recap

A CSPRNG must satisfy: (1) next-bit unpredictability — knowing all previous bits, the next bit cannot be predicted with probability > 1/2 + negligible. (2) state compromise extension resistance — learning the current state reveals nothing about past output.

/dev/urandom and getrandom()

Linux /dev/urandom uses a CSPRNG seeded from the entropy pool. After initial seeding (128 bits of entropy), it is safe to use even when the pool is "empty" — the CSPRNG maintains its own internal state. getrandom() is the modern syscall equivalent.

All lessons in this course

  1. True Randomness vs Pseudorandomness
  2. Cryptographically Secure PRNGs
  3. Entropy Starvation & Weak-Key Bugs
  4. Generating Keys, Nonces & IVs Safely
← Back to Cryptology Academy