How can I generate a cryptographically secure pseudorandom number in C#?

c# cryptography

Is there any fast implementation of cryptographically secure pseudorandom number generator (CSPRNG) for C# 3.0 (.NET Framework 3.5), for authentication tokens?


Solution 1:

using System.Security.Cryptography;
...
using(RandomNumberGenerator rng = new RNGCryptoServiceProvider())
{
    byte[] tokenData = new byte[32];
    rng.GetBytes(tokenData);

    string token = Convert.ToBase64String(tokenData);
}

Solution 2:

That depends on what you mean by fast...

There is no really fast secure random generator. If you want fast, you should use the regular Random class. If you want secure you should use the random generator in the Cryptography namespace, but that is significantly slower. You simply can't have both.

Solution 3:

Upd 2022 in .Net 6 RNGCryptoServiceProvider() is obsolete, usage of static methods of RandomNumberGenerator is recommended

private string GetRandomlyGenerateBase64String(int count)
{
    return Convert.ToBase64String(RandomNumberGenerator.GetBytes(count));
}

Related

What is the purpose of AccessType.FIELD, AccessType.PROPERTY and @Access
How to handle query parameters in angular 2
Are PHP5 objects passed by reference? [duplicate]
How can I return the difference between two lists?
How do you mock a Sealed class?
The name "XYZ" does not exist in the namespace "clr-namespace:ABC"
Why does StyleCop recommend prefixing method or property calls with "this"?
Exponentials in python: x**y vs math.pow(x, y)
Merging jQuery objects
What does "TypeError 'xxx' object is not callable" means?
What causes Android's ContentResolver.query() to return null?
Make link in table cell fill the entire row height