다음을 통해 공유


Random Data Generation (Windows CE 5.0)

Use CryptGenRandom to generate random data, and not the C run-time function rand. rand is a simple function that uses the last generated number as the seed to create the next number and is thus predictable, which makes the data insecure.

The function CryptGenRandom has two of the properties of a good random number generator, unpredictability and even value distribution. On a Windows CE device, entropy is generated for CryptGenRandom by the following sources:

  • Thread and kernel switches (CeGetRandomSeed)
  • The current process identifier (GetCurrentProcessId)
  • The current thread identifier (GetCurrentThreadId)
  • Ticks since boot (GetTickCount)
  • Current time (GetLocalTime)
  • Memory information (GlobalMemoryStatus)
  • Object store statistics (GetStoreInformation)

All of this information is added to a buffer, which is hashed using MD4 and used as the key to modify a buffer, using RC4, provided by the user.

If the Cryptography Services Catalog item is not included in your OS design, you can also use CeGenRandom to generate random numbers.

See Also

Enhancing the Security of a Device

Last updated on Thursday, February 02, 2006

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.