To generate true random values that can be used for cryptography std::random_device
has to be used as generator.
#include <iostream>
#include <random>
int main()
{
std::random_device crypto_random_generator;
std::uniform_int_distribution<int> int_distribution(0,9);
int actual_distribution[10] = {0,0,0,0,0,0,0,0,0,0};
for(int i = 0; i < 10000; i++) {
int result = int_distribution(crypto_random_generator);
actual_distribution[result]++;
}
for(int i = 0; i < 10; i++) {
std::cout << actual_distribution[i] << " ";
}
return 0;
}
std::random_device
is used in the same way as a pseudo random value generator is used.
However std::random_device
may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) isn’t available to the implementation.
Detecting such implementations should be possible via the [entropy
member function](http://en.cppreference.com/w/cpp/numeric/random/random_device/entropy) (which return zero when the generator is completely deterministic), but many popular libraries (both GCC’s libstdc++ and LLVM’s libc++) always return zero, even when they’re using high-quality external randomness.