Random number and Microsoft CNG

Question

I need to use the Microsoft CNG API to generate secure random numbers for cryptography.

Am I supposed to generate all the numbers using this API, or just obtain a seed value for another random generator from it?

Any help appreciated! Thanks.

score 0 · Accepted Answer · answered Feb 19 '12 at 10:56

0

How many random numbers do you want? There is only a limited amount of entropy in the MS CNG entropy pool. For just a single number/key then it is fine. For multiple keys, then you are better off using the CNG to seed a separate crypto quality PRNG.

There is a description of the MS CNG in section 7.1.3 of RFC 4086

answered Feb 19 '12 at 10:56

rossum

15,344
1
24
38

The Microsoft [`CryptGenRandom`](https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom) function recommended in the linked RFC is deprecated. Users should instead be using [`BCryptGenRandom`](https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom?redirectedfrom=MSDN). – Kevin Dec 22 '21 at 15:55

Random number and Microsoft CNG

1 Answers1