ADC Home > Reference Library > Reference > Mac OS X > Mac OS X Man Pages

 

This document is a Mac OS X manual page. Manual pages are a command-line technology for providing documentation. You can view these manual pages locally using the man(1) command. These manual pages come from many different sources, and thus, have a variety of writing styles.

For more information about the manual page format, see the manual page for manpages(5).


RANDOM(4)                BSD Kernel Interfaces Manual                RANDOM(4)

NAME
     random , urandom -- random data source devices.

SYNOPSIS
     pseudo-device random

DESCRIPTION
     The random device produces uniformly distributed random byte values of potentially high quality.

     To obtain random bytes, open /dev/random for reading and read from it.

     To add entropy to the random generation system, open /dev/random for writing and write data that you
     believe to be somehow random.

     /dev/urandom is a compatibility nod to Linux. On Linux, /dev/urandom will produce lower quality output
     if the entropy pool drains, while /dev/random will prefer to block and wait for additional entropy to
     be collected.  With Yarrow, this choice and distinction is not necessary, and the two devices behave
     identically. You may use either.

OPERATION
     The random device implements the Yarrow pseudo random number generator algorithm and maintains its
     entropy pool.  Additional entropy is fed to the generator regularly by the SecurityServer daemon from
     random jitter measurements of the kernel.  SecurityServer is also responsible for periodically saving
     some entropy to disk and reloading it during startup to provide entropy in early system operation.

     You may feed additional entropy to the generator by writing it to the random device, though this is not
     required in a normal operating environment.

LIMITATIONS AND WARNINGS
     Yarrow is a fairly resilient algorithm, and is believed to be resistant to non-root.  The quality of
     its output is however dependent on regular addition of appropriate entropy. If the SecurityServer sys-tem system
     tem daemon fails for any reason, output quality will suffer over time without any explicit indication
     from the random device itself.

     Paranoid programmers can counteract this risk somewhat by collecting entropy of their choice (e.g. from
     keystroke or mouse timings) and seeding it into random directly before obtaining important random num-bers. numbers.
     bers.

FILES
     /dev/random
     /dev/urandom

HISTORY
     A random device appeared in Linux operating system.

Darwin                         September 6, 2001                        Darwin

Did this document help you?
Yes: Tell us what works for you.
It’s good, but: Report typos, inaccuracies, and so forth.
It wasn’t helpful: Tell us what would have helped.