Why would I use an external random number generator (RNG) instead of my own?
My RNG is a cryptographically secure, NIST certified random number generator. This means that you save the trouble given by having to certify your own RNG. I can provide the full trust chain between the source code and the NIST certification of the RNG to Pro clients.
Another reason is that generating large quantities of random numbers is CPU and memory intensive, and storing all these numbers on disk can also be disk intensive. This can impair the performance of small web servers and could mean you may have to upgrade your server for the only purpose of generating random numbers. Using the CSRNG Pro service can help you save a lot just by outsourcing this function.
How do you generate random numbers?
My servers are running PHP 7 on RedHat Enterprise Linux 7 servers. The RNG API uses the random_int() function of PHP, which is using the getrandom(2) Linux system call, which in turn is certified by the NIST as a truly random cryptographic level RNG.
Can you provide the “NIST certified” documentation?
The chain of trust between the RNG and the NIST certification goes as follows:
- The RNG uses the random_int() PHP 7 function to generate random numbers. As stated in the PHP documentation, when PHP runs on Linux, random_int() uses the getrandom(2) system call.
- As stated in this RedHat document published by the NIST (See “Description”, stating the “approved random number generator”), getramdom(2) is an approved random number generator on Linux RedHat when Redhat runs in FIPS mode.
- Here is the consolidated certificate validating the Red Hat Enterprise Linux 7 cryptographic modules as cryptographically secure: View certificate
How fast can you generate random numbers?
Using our CSRNG Pro version, we can generate about 1,000,000 non-unique random numbers within 3 seconds. However, the part taking the most time is the network data transfer between our servers and the host requesting it (1,000,000 numbers can take around 15MB). Generating unique random numbers takes more time, since we have to loop more times through the RNG to get all unique values. It can take up to 10 seconds to generate 100,000 unique numbers in a scope of 133,333 possibilities (the worst possible case)
Do you provide assistance in setting up the API
You can get help in our Documentation section