True Random vs. Pseudorandom Number Generation

In the world of computing, “randomness” isn’t a one-size-fits-all concept. Whether you are developing a gaming app or securing a high-stakes cryptographic protocol, the type of Random Number Generator (RNG) you choose matters. The distinction boils down to one factor: reproducibility.

Download wolfSSL →

1. Pseudorandom Number Generators (PRNGs)
   A PRNG is a deterministic algorithm. It takes a starting point—called a seed—and applies a mathematical formula to produce a sequence of numbers that looks random.
   • The Pro: They are incredibly fast, efficient, and require no special hardware.
   • The Con: If an attacker discovers the seed and the algorithm, they can predict every subsequent number in the sequence.
   • The Use Case: PRNGs are excellent for simulations or “stretching” high-quality entropy. Because True Random data is computationally “expensive” to harvest, developers often use a small amount of TRNG data as a seed for a cryptographically secure PRNG.
2. True Random Number Generators (TRNGs)
   TRNGs don’t rely on math; they rely on physics. They capture “entropy” from unpredictable physical phenomena in the real world. Common sources include:
   • Thermal Noise: Minute fluctuations in electronic circuits.
   • Ring Oscillators: Jitter in high-frequency clock signals.
   • Radioactive Decay: The unpredictable timing of atomic breakdown.
   • Atmospheric Noise: Radio static caused by lightning and other natural events.

   Because these physical processes are non-deterministic, the resulting numbers are truly unpredictable, even if the observer knows exactly how the hardware works.

Implementation with wolfSSL
Choosing between speed and security doesn’t have to be a compromise. At wolfSSL, we provide tools to help you implement the right level of entropy for your environment:

• wolfEntropySP800-90B ESV validation. It is designed to operate seamlessly with wolfCrypt, our high-performance crypto engine.
• Hardware Integration: Most modern big metal processors and high-end microcontrollers feature built-in TRNG sources. wolfCrypt can leverage these directly as a primary random source or use them to seed an internal PRNG for high-speed cryptographic operations. wolfCrypt has support for TRNGs such as:
  • Arduino SAMD
  • Cavium NITROX
  • Espressif ESP32-WROOM-32
  • Infineon Aurix TC3xx
  • Infineon/Cypress PSoC
  • Intel SGX
  • Intel RDRAND
  • Maxim MAX326xx
  • Maxim MAXQ10xx
  • Microchip/Atmel ATECC608
  • Microchip PIC32MZ
  • Nordic nRF5x
  • NXP i.MX6 CAAM
  • NXP i.MX7 CAAM
  • NXP i.MX RT1060
  • NXP Kinetis and KSDK
  • Renesas RA6M4
  • Renesas RZ/N2L
  • Silicon Labs SE
  • Telit M2MB
  • Whitewood Quantum RNG
  • Windows CryptGenRandom
  • STM32C0xx
  • STM32L0xx
  • STM32G0xx
  • STM32F0xx
  • STM32L1xx
  • STM32F2xx
  • STM32F3xx
  • STM32L4xx
  • STM32G4xx
  • STM32F4xx
  • STM32WBxx
  • STM32WLxx
  • STM32F5xx
  • STM32U5xx
  • STM32L5xx
  • STM32F7xx
  • STM32H7xx
  • STM32H5xx
  • Xilinx Versal

Whether you need a validated software solution or hardware-backed entropy, we ensure your “random” numbers stay exactly that: random.

If you have any questions or comments, contact us at wolfSSL by emailing facts@wolfSSL.com or calling us at +1 425 245 8247.

Download wolfSSL Noe