-r--r--r-- 6097 librandombytes-20240318/doc/html/index.html raw
<html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> html{overflow-y:scroll} body{font-family:"Noto Sans","Droid Sans","DejaVu Sans","Arial",sans-serif;line-height:1.5} tt,code{background-color:#f0f0f0;font-family:"Noto Sans Mono","Droid Sans Mono","DejaVu Sans Mono","Courier New",monospace,sans-serif;font-size:1em;} pre{margin-left:3em} p,ul,ol,blockquote,pre{font-size:1.0em;line-height:1.6} li p{font-size:1.0em} blockquote p{font-size:1.0em} h1{font-size:1.5em} h2{font-size:1.3em} h3{font-size:1.0em} h1 a{text-decoration:none} table{border-collapse:collapse} th,td{border:1px solid black} table a{text-decoration:none} table tr{font-size:1.0em;line-height:1.6} .links a:hover{text-decoration:underline} .links a:active{text-decoration:underline} .links img{width:200px;padding-left:1em} .links td{border:0px;padding-top:0.5em;padding-bottom:0.5em} .headline{padding:0;font-weight:bold;font-size:1.5em;vertical-align:top;padding-bottom:0.5em;color:#2f8a59} .navt{display:inline-block;box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box; min-width:14%;margin:0;padding:0;padding-left:0.5em;padding-right:0.5em;vertical-align:center; font-weight:bold;font-size:1.1em;text-align:center;border:1px solid black} .here{border-bottom:0px;background-color:#ffffff} .away{background-color:#2f8a59;} .away a{text-decoration:none;display:block;color:#ffffff} .away a:hover,.away a:active{text-decoration:underline} .main{margin:0;padding-top:0em;padding-bottom:1%;clear:both} </style> <title> librandombytes: Intro</title> </head> <body> <div class=headline> librandombytes</div> <div class=nav> <div class="navt here">Intro </div><div class="navt away"><a href=download.html>Download</a> </div><div class="navt away"><a href=install.html>Install</a> </div><div class="navt away"><a href=api.html>API</a> </div><div class="navt away"><a href=security.html>Security</a> </div><div class="navt away"><a href=license.html>License</a> </div></div> <div class=main> <p>librandombytes provides a simple API for applications generating fresh randomness: include <code>&lt;randombytes.h&gt;</code>, call <code>randombytes(x,xbytes)</code> whenever desired to generate fresh random bytes <code>x[0]</code>, <code>x[1]</code>, ..., <code>x[xbytes-1]</code>, and link with <code>-lrandombytes</code>.</p> <p>Random bytes are often used directly in applications. Random bytes are also the foundation of more complicated random objects, such as random integers in a limited interval, random floating-point numbers from a (nearly) normal distribution, and random keys used in public-key cryptosystems. librandombytes is dedicated to obtaining fresh random bytes in the first place, and leaves it to higher-level libraries to convert those bytes into other types of random objects.</p> <p>librandombytes aims for the following stringent randomness goal: no feasible computation will ever be able to tell the difference between the output bytes and true randomness (independent uniformly distributed random bytes). This makes the <code>randombytes()</code> output suitable for use in applications ranging from simulations to cryptography.</p> <p>Most alternative sources of randomness (such as <code>rand()</code> and <code>random()</code> in C, and <code>mt19937_64</code> in C++) consider detectable deviations from true randomness to be acceptable as long as <em>most</em> applications do not notice the deviations. These sources are not permitted inside librandombytes; the <code>randombytes()</code> caller is entitled to expect that the output comes from sources that are designed for the right goal.</p> <p>Internally, librandombytes is an abstraction layer for a choice of two libraries, where each library provides the same <code>randombytes</code> interface but the libraries choose two different sources of randomness:</p> <ul> <li> <p><code>librandombytes-kernel</code> reads random bytes provided by the OS kernel via mechanisms such as <code>getrandom()</code>. These mechanisms are typically advertised as providing RNG security features that are harder to provide in user space, such as hypervisor integration.</p> </li> <li> <p><code>librandombytes-openssl</code> uses OpenSSL's <code>RAND_bytes</code> to generate random bytes. This mechanism is typically advertised as providing speed that is difficult to achieve without a per-process RNG.</p> </li> </ul> <p>The idea is that the OS can install <code>librandombytes-kernel</code> by default, but the sysadmin can install <code>librandombytes-openssl</code> to transparently switch all of the <code>randombytes()</code> applications to <code>RAND_bytes</code> (for example, via Debian's <code>/etc/alternatives</code> mechanism) <em>if</em> profiling shows that this switch is important for overall system performance.</p> <p>Making this choice centrally means that applications are free to simply call <code>randombytes()</code></p> <ul> <li> <p>without worrying about evaluating performance,</p> </li> <li> <p>without worrying about how to balance performance concerns with competing concerns, and</p> </li> <li> <p>without worrying that these performance evaluations will be rendered obsolete by speed improvements: for example, by <a href="https://lkml.org/lkml/2023/1/1/87">ongoing work</a> to accelerate <code>getrandom()</code>, or by the increasing deployment of <a href="https://blog.cr.yp.to/20170723-random.html">fast-key-erasure RNGs</a>.</p> </li> </ul> <p>Another virtue of having a <code>randombytes()</code> abstraction layer is that test frameworks can substitute a deterministic seeded <code>randombytes()</code> providing <em>known</em> pseudorandom bytes for reproducible tests. Of course, the <code>randombytes()</code> provided by these test frameworks must be kept separate from the fresh <code>randombytes()</code> used for deployment.</p><hr><font size=1><b>Version:</b> This is version 2023.09.04 of the "Intro" web page. </font> </div> </body> </html>