Do you know what a pseudorandom number generator is? Have you ever thought about how to generate pseudorandom numbers? The **randomness** It is a concept that is commonly used in various fields of science. In the case of computing, for example, we do not find the exception. In this post, we will talk about a tool that is related to the concept of randomness and how it can be applied to the field of cryptography. Next, we will explain what it is, how it works and what it can be used for.** pseudorandom number generator (PRNG)**.

## What is a pseudorandom number generator?

Pseudorandom number generators (PRNG) are deterministic algorithms (that is, with a single *input* the same is always generated *output*) What are they** capable of generating patterns from a seed** (either *seeds*, in English). You can use the *output* from a prng stream like *keystream* (Ks) in an algorithm *stream*. However, this requires that the PRNG be cryptographically secure and never use the same seed more than once.

Pseudorandom number generators are used, for example, in studies of *data science*. When you need to test a random data set and then be able to replicate those results, a PRNG is used and can thus be obtained using a simple seed of information. Sometimes the seed is the time code automatically generated by the computer, but below we will see that **there are safe and unsafe PRNGs** that can be used in cryptography.

*Marsenne Twister PRNG (MT19937)*

*Marsenne Twister PRNG (MT19937)*

The MT19931 is the pseudorandom number generator used by programming languages such as **Python** and **C++** default. It is one of the most popular PRNG algorithms, but is not considered cryptographically secure. Its characteristics are the following:

Use an internal state **624 integers 32 bit**, which are initially generated from the seed. Every 624

*outputs*, a permutation is performed on the internal state. Its period is 219937, a number that was calculated especially for the operation of the algorithm. For each

*output*a

*integrate*32 bit and

**submits it to a function**what is

**reversible**. Dice 624

*outputs*of MT19937, the internal state can be replicated and, therefore,

**you can predict what the future is**.

*outputs*through a brute force attack## How do you choose safe seeds for a PRNG?

Even if the pseudorandom number generator is developed securely for cryptography, **the seed must be generated secretly and confidentially**, so that the algorithm cannot be broken. To do this, the following recommendations must be followed when choosing the seed for a PRNG:

Seeds should NOT be generated from time codes automatically generated by the computer. The ** timestamps They are not a reliable source of randomness.**since, if the time in which the seed was created is known, then it is easy to find it through a brute force attack.

**You should never reuse a seed**if you want to use it to generate a

*keystream*for cryptography.

**You should always use a real and safe source of randomness**using methods like the ones we will explain below.

*Real randomness*

*Real randomness*

To obtain a real and safe source of randomness, one must achieve** without using a deterministic algorithm**. To do this, methods based on:

**sources of entropy,** such as the movement of the mouse, the behavior of certain *drivers*etc.

**Device information hardware**. That is, the use of physical variables such as the noise generated by a microphone, the digital noise of a photograph, small changes in temperature, etc.

## What are PRNGs used for?

In cryptography,** PRNGs can be used for generating keystreams insurance**. Some cryptographic models, such as

*stream*, require these infinite keys, which are generated from pseudorandom numbers. For cryptography

*stream*For example, it requires that a

*keystream*has the following characteristics:

**It should look random at first glance.**but not be and be generated by a small key.

**The key must not be found** from the cryptanalysis of *keystream*.

**You must generate a keystream new every time** to be used in an algorithm.

Therefore, the use of a pseudorandom number generator is recommended. **cryptographically secure** for the generation of these *keystreams* or key streams.

## How to learn more?

Now you know what a pseudorandom number generator is and how it is used in cryptography. However, the world of cybersecurity is much broader, and if you want to become an expert in the field, you still need to continue learning about the subject. The time has come to take a step forward and take charge of your training; Therefore, you cannot miss our Full Stack Cybersecurity Bootcamp, where **you will specialize in less than 7 months**. **Sign up now!**