ARC4RANDOM(3) | Library Functions Manual | ARC4RANDOM(3) |

`arc4random`

, `arc4random_buf`

,
`arc4random_uniform`

—
random number generator

`#include <stdlib.h>`

`uint32_t`

`arc4random`

(`void`);

`void`

`arc4random_buf`

(`void
*buf`, `size_t
nbytes`);

`uint32_t`

`arc4random_uniform`

(`uint32_t
upper_bound`);

Use of these functions is encouraged for almost all random number consumption because the other interfaces are deficient in either quality, portability, standardization, or availability. These functions can be called in almost all coding environments, including pthreads(3) and chroot(2).

High quality 32-bit pseudo-random numbers are generated very quickly. On each call, a cryptographic pseudo-random number generator is used to generate a new result. One data pool is used for all consumers in a process, so that consumption under program flow can act as additional stirring. The subsystem is re-seeded from the kernel random number subsystem using getentropy(2) on a regular basis, and also upon fork(2).

The `arc4random`

() function returns a single
32-bit value.

`arc4random_buf`

() fills the region
`buf` of length `nbytes` with random
data.

`arc4random_uniform`

() will return a single
32-bit value, uniformly distributed but less than
`upper_bound`. This is recommended over constructions
like “`arc4random() % upper_bound`

” as
it avoids "modulo bias" when the upper bound is not a power of
two. In the worst case, this function may consume multiple iterations to
ensure uniformity; see the source code to understand the problem and
solution.

The original version of this random number generator used the RC4 (also known as ARC4) algorithm. In OpenBSD 5.5 it was replaced with the ChaCha20 cipher, and it may be replaced again in the future as cryptographic techniques advance. A good mnemonic is “A Replacement Call for Random”.

November 25, 2014 | OpenBSD-current |