# Cryptographically secure pseudorandom number generator

## Type of functions designed for being unsolvable by root-finding algorithms / From Wikipedia, the free encyclopedia

#### Dear Wikiwand AI, let's keep it short by simply answering these key questions:

Can you list the top facts and stats about Cryptographically secure pseudorandom number generator?

Summarize this article for a 10 years old

A **cryptographically secure pseudorandom number generator** (**CSPRNG**) or **cryptographic pseudorandom number generator** (**CPRNG**)[1] is a pseudorandom number generator (PRNG) with properties that make it suitable for use in cryptography. It is also loosely known as a **cryptographic random number generator** (**CRNG**) (see Random number generation § "True" vs. pseudo-random numbers).[2][3]

Most cryptographic applications require random numbers, for example:

- key generation
- nonces
- salts in certain signature schemes, including ECDSA, RSASSA-PSS

The "quality" of the randomness required for these applications varies. For example, creating a nonce in some protocols needs only uniqueness. On the other hand, the generation of a master key requires a higher quality, such as more entropy. And in the case of one-time pads, the information-theoretic guarantee of perfect secrecy only holds if the key material comes from a true random source with high entropy, and thus any kind of pseudorandom number generator is insufficient.

Ideally, the generation of random numbers in CSPRNGs uses entropy obtained from a high-quality source, generally the operating system's randomness API. However, unexpected correlations have been found in several such ostensibly independent processes. From an information-theoretic point of view, the amount of randomness, the entropy that can be generated, is equal to the entropy provided by the system. But sometimes, in practical situations, more random numbers are needed than there is entropy available. Also, the processes to extract randomness from a running system are slow in actual practice. In such instances, a CSPRNG can sometimes be used. A CSPRNG can "stretch" the available entropy over more bits.