A strong, fast (amortized), non-portable RNG
This is the "standard" RNG, a generator with the following properties:
- Non-portable: any future library version may replace the algorithm and results may be platform-dependent. (For a portable version, use the rand_chacha crate directly.)
- CSPRNG: statistically good quality of randomness and unpredictable
- Fast (amortized): the RNG is fast for bulk generation, but the cost of method calls is not consistent due to usage of an output buffer.
The current algorithm used is the ChaCha block cipher with 12 rounds. Please see this relevant rand issue for the discussion. This may change as new evidence of cipher security and performance becomes available.
Seeding (construction)
This generator implements the [SeedableRng] trait. Any method may be used, but note that seed_from_u64 is not suitable for usage where security is important. Also note that, even with a fixed seed, output is not portable.
Using a fresh seed direct from the OS is the most secure option:
use StdRng;
let rng = try_from_os_rng?;
Seeding via rand::rng() may be faster:
use StdRng;
let rng = rng;
let rng = from_rng;
Any [SeedableRng] method may be used, but note that seed_from_u64 is not suitable where security is required. See also Seeding RNGs in the book.
Methods
Return a random u64 value via a standard uniform distribution.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Return a random i64 value via a standard uniform distribution.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Return a random char value via a standard uniform distribution.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Return a random bool value via a standard uniform distribution.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Return a random u64 value via a standard uniform constrained with a range.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Return a random i64 value via a standard uniform constrained with a range.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Return a random char value via a standard uniform constrained with a range.
Example
use StdRng;
let rng = try_from_os_rng?;
let x = rng.;
println!;
Create a new PRNG seeded from an infallible Rng.
This may be useful when needing to rapidly seed many PRNGs from a master PRNG, and to allow forking of PRNGs. It may be considered deterministic.
The master PRNG should be at least as high quality as the child PRNGs. When seeding non-cryptographic child PRNGs, we recommend using a different algorithm for the master PRNG (ideally a CSPRNG) to avoid correlations between the child PRNGs. If this is not possible (e.g. forking using small non-crypto PRNGs) ensure that your PRNG has a good mixing function on the output or consider use of a hash function with from_seed.
Note that seeding XorShiftRng from another XorShiftRng provides an extreme example of what can go wrong: the new PRNG will be a clone of the parent.
PRNG implementations are allowed to assume that a good RNG is provided for seeding, and that it is cryptographically secure when appropriate. As of rand 0.7 / rand_core 0.5, implementations overriding this method should ensure the implementation satisfies reproducibility (in prior versions this was not required).
Create a new PRNG seeded from a potentially fallible Rng.
See [from_rng][$ty::from_rng] docs for more information.
Creates a new instance of the RNG seeded via getrandom.
This method is the recommended way to construct non-deterministic PRNGs since it is convenient and secure.
Note that this method may panic on (extremely unlikely) getrandom errors. If it's not desirable, use the try_from_os_rng method instead.
Panics
If getrandom is unable to provide secure entropy this method will panic.
Create a new PRNG using the given seed.
PRNG implementations are allowed to assume that bits in the seed are well distributed. That means usually that the number of one and zero bits are roughly equal, and values like 0, 1 and (size - 1) are unlikely. Note that many non-cryptographic PRNGs will show poor quality output if this is not adhered to. If you wish to seed from simple numbers, use seed_from_u64 instead.
All PRNG implementations should be reproducible unless otherwise noted: given a fixed seed, the same sequence of output should be produced on all runs, library versions and architectures (e.g. check endianness). Any "value-breaking" changes to the generator should require bumping at least the minor version and documentation of the change.
It is not required that this function yield the same state as a reference implementation of the PRNG given equivalent seed; if necessary another constructor replicating behaviour from a reference implementation can be added.
PRNG implementations should make sure from_seed never panics. In the case that some special values (like an all zero seed) are not viable seeds it is preferable to map these to alternative constant value(s), for example 0xBAD5EEDu32 or 0x0DDB1A5E5BAD5EEDu64 ("odd biases? bad seed"). This is assuming only a small number of values must be rejected.
Create a new PRNG using a u64 seed.
This is a convenience-wrapper around from_seed to allow construction of any SeedableRng from a simple u64 value. It is designed such that low Hamming Weight numbers like 0 and 1 can be used and should still result in good, independent seeds to the PRNG which is returned.
This is not suitable for cryptography, as should be clear given that the input size is only 64 bits.
Implementations for PRNGs may provide their own implementations of this function, but the default implementation should be good enough for all purposes. Changing the implementation of this function should be considered a value-breaking change.