---
title: Monero Pseudorandom Number Generator
---
# Monero Pseudorandom Number Generator

Monero uses a PRNG based on the Keccak hash function.
The output of each hashing round is the input for the next one.

The initial seed comes from entropy sources provided by the operating system.
On Linux and macOS the seed comes from `/dev/urandom`.
On Windows the WinAPI `CryptGenRandom` call is used for seeding.

There is no reseeding.
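
The chaining described above, modelled in Python as an added example (this is not Monero's code and not part of the original page): the state is seeded once, every round permutes what the previous round left behind, and because nothing is reseeded a copied state reproduces the stream. The names `KeccakChainPrng` and `snapshot_repeats`, the 200-byte state, the 32-byte seed and the 136 bytes released per round are assumptions of this model.

```python
import os

MASK = (1 << 64) - 1
RATE = 136  # assumption: bytes released per round; the other 64 stay internal

def rol64(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK

def keccak_f1600(state):
    """Keccak-f[1600] over a 200-byte state; constants are derived, not tabulated."""
    a = [int.from_bytes(state[8 * i:8 * i + 8], "little") for i in range(25)]
    lfsr = 1
    for _ in range(24):
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x + 4) % 5] ^ rol64(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]                       # theta
        x, y, cur = 1, 0, a[1]
        for t in range(24):                                            # rho and pi
            x, y = y, (2 * x + 3 * y) % 5
            cur, a[x + 5 * y] = a[x + 5 * y], rol64(cur, (t + 1) * (t + 2) // 2 % 64)
        for y in range(0, 25, 5):                                      # chi
            row = a[y:y + 5]
            a[y:y + 5] = [row[x] ^ (~row[(x + 1) % 5] & row[(x + 2) % 5]) for x in range(5)]
        for j in range(7):                                             # iota
            lfsr = ((lfsr << 1) ^ ((lfsr >> 7) * 0x71)) & 0xFF
            if lfsr & 2:
                a[0] ^= 1 << ((1 << j) - 1)
    return b"".join(v.to_bytes(8, "little") for v in a)

class KeccakChainPrng:
    """Hypothetical model: seeded once from the OS, then only the permutation runs."""
    def __init__(self, seed=None):
        seed = os.urandom(32) if seed is None else seed   # OS entropy, read once
        self.state = seed[:32].ljust(200, b"\0")

    def random_bytes(self, n):
        out = b""
        while len(out) < n:
            self.state = keccak_f1600(self.state)   # previous round feeds the next
            out += self.state[:RATE]
        return out[:n]

def snapshot_repeats(seed, n=300):
    """True when a copy of the state emits the same bytes as the original."""
    original = KeccakChainPrng(seed)
    original.random_bytes(64)
    clone = KeccakChainPrng(seed)
    clone.state = original.state       # e.g. a duplicated process image
    return original.random_bytes(n) == clone.random_bytes(n)
```

Calling `snapshot_repeats(bytes(range(32)))` with that constructed seed returns `True`: in this model, two copies of one state never diverge on their own.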

## Caveats

* This concerns the reference C++ implementation of Monero.
  Please note there are many alternative implementations of private key generation,
  including JavaScript, Python, Android/Java. These should be researched case by case for correctness.

* In the Monero source code you can also find a libsodium-based random bytes generator. It is part of the embedded library and apparently is not used in actual Monero code.

## Reference

* [Source code](https://github.com/monero-project/monero/blob/1a4298685aa9e694bc555ae69be59d14d3790465/src/crypto/random.c)
* [StackExchange answer](https://monero.stackexchange.com/a/2076/3218)