A secure pseudorandom number generator

Designed by Niels Ferguson and Bruce Schneier
About Fortuna

What's a PRNG? It's a mechanism for generating random numbers on a computer. They're called pseudorandom, because you can't get truly random numbers from a completely non-random thing like a computer. In theory, true random numbers only come from truly random sources: atmospheric noise, radioactive decay, political press announcements. If a computer generates the number, another computer can reproduce the process.

A PRNG is the unsexy part of a cryptographic system. People don't think much about them, but they're used just about everywhere in cryptography. Random numbers are in session keys, initialization vectors, public-key generation, and many other places. If the random numbers are insecure, then the entire application is insecure. Algorithms and protocols can't cover for bad random numbers. When a couple of Berkeley students broke the security on Netscape Navigator, it was the PRNG they broke. (See attacks on PRNGs.)

Fortuna is a PRNG; it generates cryptographically secure pseudorandom numbers on a computer. It can also be used as a real random number generator, accepting random inputs from analog random sources. We wrote Fortuna because after analyzing existing PRNGs and breaking our share of them, we wanted to build something secure.

Fortuna is superior to the past ad hoc PRNGs that have been easily compromised. We are releasing Fortuna copyright-free, at no charge, in the public domain for general business use.