1
.\" $OpenBSD: arc4random.3,v 1.2 1997/04/27 22:40:25 angelos Exp $
2
.\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
3
.\" All rights reserved.
5
.\" Redistribution and use in source and binary forms, with or without
6
.\" modification, are permitted provided that the following conditions
8
.\" 1. Redistributions of source code must retain the above copyright
9
.\" notice, this list of conditions and the following disclaimer.
10
.\" 2. Redistributions in binary form must reproduce the above copyright
11
.\" notice, this list of conditions and the following disclaimer in the
12
.\" documentation and/or other materials provided with the distribution.
13
.\" 3. All advertising materials mentioning features or use of this software
14
.\" must display the following acknowledgement:
15
.\" This product includes software developed by Niels Provos.
16
.\" 4. The name of the author may not be used to endorse or promote products
17
.\" derived from this software without specific prior written permission.
19
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30
.\" Manual page, using -mandoc macros
39
.Nm arc4random_uniform ,
41
.Nm arc4random_addrandom
42
.Nd arc4 random number generator
44
.ds str-Lb-libbsd Utility functions from BSD systems (libbsd, \-lbsd)
51
.Fn arc4random_buf "void *buf" "size_t nbytes"
53
.Fn arc4random_uniform "u_int32_t upper_bound"
55
.Fn arc4random_stir "void"
57
.Fn arc4random_addrandom "unsigned char *dat" "int datlen"
61
function uses the key stream generator employed by the
62
arc4 cipher, which uses 8*8 8 bit S-Boxes.
65
.if t 2\u\s71700\s10\d
70
function returns pseudo-random numbers in the range of 0 to
71
.if t 2\u\s731\s10\d\(mi1,
73
and therefore has twice the range of
79
function fills the region
83
with ARC4-derived random data.
85
.Fn arc4random_uniform
86
will return a uniformly distributed random number less than
88
.Fn arc4random_uniform
89
is recommended over constructions like
90
.Dq Li arc4random() % upper_bound
91
as it avoids "modulo bias" when the upper bound is not a power of two.
95
function reads data from
97
and uses it to permute the S-Boxes via
98
.Fn arc4random_addrandom .
100
There is no need to call
104
functions family, since
105
they automatically initialize themselves.
107
The following produces a drop-in replacement for the traditional
114
.Dl "#define foo4random() (arc4random() % ((unsigned)RAND_MAX + 1))"
121
has been designed by RSA Data Security, Inc.
122
It was posted anonymously
123
to the USENET and was confirmed to be equivalent by several sources who
124
had access to the original cipher.
127
used to be a trade secret, the cipher is now referred to as