Home/ Questions/Q 3949796
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T01:32:08+00:00

While looking for best attempts at generating truly random numbers, I stumbled upon this

  • 0

While looking for best attempts at generating truly random numbers, I stumbled upon this code example.

Looking for opinions on this snippet.

using System;
using System.Security.Cryptography;

private static int NextInt(int min, int max)
{
    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    byte[] buffer = new byte[4];
    
    rng.GetBytes(buffer);
    int result = BitConverter.ToInt32(buffer, 0);

    return new Random(result).Next(min, max);
}

Source: http://www.vcskicks.com/code-snippet/rng-int.php

Would this be preferred over using a tick count seed such as:

Random rand = new Random(Environment.TickCount); 
rand.Next(min, max);

Note:

I am not looking for third party random data providers such as Random.org, as such a dependency is not realistic to the application.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Well, using RNGCryptoServiceProvider gives you an unguessable crypto-strength seed whereas Environment.TickCount is, in theory, predictable.

    Another crucial difference would be evident when calling your NextInt method several times in quick succession. Using RNGCryptoServiceProvider will seed the Random object with a different crypto-strength number each time, meaning that it will go on to return a different random number for each call. Using TickCount risks seeding the Random object with the same number each time (if the method is called several times during the same “tick”), meaning that it will go on to return the same (supposedly random) number for each call.

    If you genuinely need truly random numbers then you shouldn’t be using a computer to generate them at all: you should be measuring radioactive decay or something similarly, genuinely unpredictable.

    • 0