Cryptographically Secure Pseudorandom Number Generator (CSPRNG)
A pseudorandom number generator (PRNG) is an algorithm that produces a sequence of numbers whose properties approximate those of random numbers. The sequences generated this way are not truly random, however, because they are the output of a deterministic algorithm run on fixed input data, called a seed (although the seed itself can be truly random). The vast majority of cryptographic applications require random numbers for tasks such as key generation, nonce generation, and salt creation for digital signature systems and other encryption schemes. The quality of the randomness directly affects the security level of these tasks; for this reason, the pseudorandom number generator is extended to a cryptographically secure pseudorandom number generator (CSPRNG). A cryptographically secure pseudorandom number generator must satisfy the following two requirements:

- The generated sequence must pass statistical randomness tests.
- It must withstand exposure of its state or algorithm to an attacker: the attacker may know the generator's algorithm or its state and output, but still cannot predict the next numbers in the sequence.