Difference between CryptGenRandom API and CNG BCryptGenRandom

Question

Difference between CryptGenRandom API and CNG BCryptGenRandom

One of our products is currently using the CryptGenRandom API to generate random numbers. I recently came across the Cryptography API: Next Generation (CNG), which provides a new BCryptGenRandom API (in bcrypt.h) for it. According to the description provided in MSDN, both APIs comply with the NIST standard SP800-90 in Windows Vista Service Pack 1 (SP1) and later.

If I go with the default Microsoft provider, is there a difference in generating random numbers between the two APIs?
If it makes no difference, should you switch to the CNG API because CNG is a long-term replacement for CryptoAPI?

+4

c ++ windows cryptography winapi cryptoapi

Naveen May 18 '16 at 5:04

source share

1 answer

hdracer · Answer 1 · 2016-12-16T00:07:12+0000

As for your first question, no, as you point out, for MSDN, both APIs use the same pseudo-random number generation algorithm. Most likely, it is more important to note that both APIs use the same source of entropy of the Windows kernel to provide PRNG.

, , , RNG, ( , HSM). RNG CNG (BCryptGenRandom), CAPI (Crypto API, CryptGenRandom) / . , , , , API RNG. RNG , .

- , . , . , , , , .

Difference between CryptGenRandom API and CNG BCryptGenRandom

More articles: