arc4random vs RAND_pseudo_bytes

T_B T_B at
Tue Sep 4 04:59:24 PDT 2007

Robert: I agree with this approach.  OpenSSL has been through a FIPS
certification (the 9.7 stream) and that examined its PRNG.  There seems to
be indications that the 9.8 stream will be going through FIPS soon.

----- Original Message ----- 
From: "Robert Connolly" <robert at>
To: "Hardened LFS Development List" <hlfs-dev at>
Sent: Monday, September 03, 2007 11:44 PM
Subject: arc4random vs RAND_pseudo_bytes

> arc4random() is a safe and secure prng, but I get no feedback about it.
> RAND_pseudo_bytes() would have the affect of removing cryptography from
> Glibc, and using OpenSSL whenever possible, which is the direction I've
> going.

More information about the hlfs-dev mailing list