OpenBSD manual page server

Manual Page Search Parameters

RANDOM(4) Device Drivers Manual RANDOM(4)

random, urandomrandom data source device

The urandom device produces high quality pseudo-random output data without ever blocking.

Entropy data stored previously is provided to the kernel during the boot sequence and used as inner-state of a stream cipher. High quality data is available immediately upon kernel startup. System activity (such as disk, network, and clock device interrupts), and hardware random generator output is collected, whitened with a crc and hash, then periodically folded together with stream cipher inner-state and outer-state to create a new inner state. Reads from all consumers (including the kernel itself, which makes many requests per second) are sliced from the same output stream, which carves the stream cipher output unpredictably and helps improve forward and backtracking protection beyond the strength of the stream cipher.

The urandom device is intended to be used in scripts. In C programs, use the arc4random(3) family of functions instead, which can be called in almost all coding environments, including pthreads(3), chroot(2), pledge(2), and unveil(2), and which avoids accessing a filesystem device every time.

For portability reasons, never use /dev/random. On OpenBSD, it is an alias for /dev/urandom, but on many other systems misbehaves by blocking because their random number generators lack a robust boot-time initialization sequence.

/dev/urandom
 

arc4random(3), amdpm(4), glxsb(4), pchb(4), arc4random(9)

A random device first appeared in Linux in 1994. The random and urandom devices have been available since OpenBSD 2.0.

May 29, 2020 OpenBSD-current