libc/stdlib/random.3

.\" Copyright (c) 1983, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 4. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     @(#)random.3	8.1 (Berkeley) 6/4/93
.\" $FreeBSD: src/lib/libc/stdlib/random.3,v 1.22 2007/01/09 00:28:10 imp Exp $
.\" $DragonFly: src/lib/libc/stdlib/random.3,v 1.5 2007/06/29 19:34:41 swildner Exp $
.\"
.Dd June 4, 1993
.Dt RANDOM 3
.Os
.Sh NAME
.Nm random ,
.Nm srandom ,
.Nm srandomdev ,
.Nm initstate ,
.Nm setstate
.Nd better random number generator; routines for changing generators
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In stdlib.h
.Ft long
.Fn random void
.Ft void
.Fn srandom "unsigned long seed"
.Ft void
.Fn srandomdev void
.Ft char *
.Fn initstate "unsigned long seed" "char *state" "long n"
.Ft char *
.Fn setstate "char *state"
.Sh DESCRIPTION
The
.Fn random
function
uses a non-linear additive feedback random number generator employing a
default table of size 31 long integers to return successive pseudo-random
numbers in the range from 0 to
.if t 2\u\s731\s10\d\(mi1.
.if n (2**31)\(mi1.
The period of this random number generator is very large, approximately
.if t 16\(mu(2\u\s731\s10\d\(mi1).
.if n 16*((2**31)\(mi1).
.Pp
The
.Fn random
and
.Fn srandom
functions have (almost) the same calling sequence and initialization properties as the
.Xr rand 3
and
.Xr srand 3
functions.
The difference is that
.Xr rand 3
produces a much less random sequence \(em in fact, the low dozen bits
generated by rand go through a cyclic pattern.
All the bits generated by
.Fn random
are usable.
For example,
.Sq Li random()&01
will produce a random binary
value.
.Pp
Like
.Xr rand 3 ,
.Fn random
will by default produce a sequence of numbers that can be duplicated
by calling
.Fn srandom
with
.Ql 1
as the seed.
.Pp
The
.Fn srandomdev
routine initializes a state array using the
.Xr random 4
random number device which returns good random numbers,
suitable for cryptographic use.
Note that this particular seeding
procedure can generate states which are impossible to reproduce by
calling
.Fn srandom
with any value, since the succeeding terms in the
state buffer are no longer derived from the LC algorithm applied to
a fixed seed.
.Pp
The
.Fn initstate
routine allows a state array, passed in as an argument, to be initialized
for future use.
The size of the state array (in bytes) is used by
.Fn initstate
to decide how sophisticated a random number generator it should use \(em the
more state, the better the random numbers will be.
(Current "optimal" values for the amount of state information are
8, 32, 64, 128, and 256 bytes; other amounts will be rounded down to
the nearest known amount.
Using less than 8 bytes will cause an error.)
The seed for the initialization (which specifies a starting point for
the random number sequence, and provides for restarting at the same
point) is also an argument.
The
.Fn initstate
function
returns a pointer to the previous state information array.
.Pp
Once a state has been initialized, the
.Fn setstate
routine provides for rapid switching between states.
The
.Fn setstate
function
returns a pointer to the previous state array; its
argument state array is used for further random number generation
until the next call to
.Fn initstate
or
.Fn setstate .
.Pp
Once a state array has been initialized, it may be restarted at a
different point either by calling
.Fn initstate
(with the desired seed, the state array, and its size) or by calling
both
.Fn setstate
(with the state array) and
.Fn srandom
(with the desired seed).
The advantage of calling both
.Fn setstate
and
.Fn srandom
is that the size of the state array does not have to be remembered after
it is initialized.
.Pp
With 256 bytes of state information, the period of the random number
generator is greater than
.if t 2\u\s769\s10\d,
.if n 2**69
which should be sufficient for most purposes.
.Sh DIAGNOSTICS
If
.Fn initstate
is called with less than 8 bytes of state information, or if
.Fn setstate
detects that the state information has been garbled, error
messages are printed on the standard error output.
.Sh SEE ALSO
.Xr arc4random 3 ,
.Xr rand 3 ,
.Xr srand 3 ,
.Xr random 4
.Sh HISTORY
These
functions appeared in
.Bx 4.2 .
.Sh AUTHORS
.An Earl T. Cohen
.Sh BUGS
About 2/3 the speed of
.Xr rand 3 .
.Pp
The historical implementation used to have a very weak seeding; the
random sequence did not vary much with the seed.
The current implementation employs a better pseudo-random number
generator for the initial state calculation.
.Pp
Applications requiring cryptographic quality randomness should use
.Xr arc4random 3 .