Overview of random number generation

Overview

The purpose of the Random Number Generation API is the generation of cryptographically strong random numbers.

Several cryptographic applications rely upon the randomness, unpredictability and irreproducibility of the random number generator, such as:

  • one-time pads

  • key generation

  • random nonces

  • Initialization Vectors (IVs)

  • salts to be hashed with passwords

  • unique parameters in signing operations.

The RNG uses the RANROT algorithm seeded by random data available on the target hardware (for instance free running counters available on ARM processors).
Note:

In order to be fully compliant with DSS (Digital Signature Standard), applications using the cryptography library must supply a FIPS-186-2 CR 1 compliant random number generator. The library provides a mechanism for using such a random number generator if required.

The Random Number Generation API

The diagram below shows the main classes used in the RNG, which are implemented in random.dll . For information on each class see the Cryptography API Reference material.

Figure 1. The inheritance hierarchy for the RRandomSession and CSystemRandom classes

How to use TRandom

TRandom is a cryptographically stong random number generator. Its declaration is:

       
        
       
       class TRandom
    {
public:
    IMPORT_C static void RandomL(TDes8& aDestination);
    };
      
Note: The function TRandom::Random() which panics rather than leaves when it cannot obtain a random number, is deprecated from v9.1 onwards.

TRandom::RandomL() generates random bytes by first connecting to the random number generation server (using RRandomSession ). If the attempt to connect fails, TRandom::RandomL() leaves.

The server fills aDestination with randomly generated bytes up to its current length (not its maximum length). If this fails, TRandom::RandomL() leaves. If aDestination is 1024 or more bytes long, multiple calls are made to the server. Finally, TRandom closes the session.

TRandom can be used like this:

       
        
       
       HBufC8* rand = HBufC8::NewLC(5);
TPtr8 pRand=rand->Des();
pRand.SetLength(5);
TRandom::RandomL(pRand);
...
CleanupStack::PopAndDestroy(rand);