A deterministic computer program cannot generate true random numbers. For most purposes, pseudo-random numbers suffice. A series of pseudo-random numbers is generated in a deterministic fashion. The numbers are not truly random, but they have certain properties that mimic a random series. For example, all possible values occur equally often in a pseudo-random series.
Pseudo-random numbers are generated from a seed value. Starting from
any given seed, the random
function always generates the same
sequence of numbers. By default, Emacs initializes the random seed at
startup, in such a way that the sequence of values of random
(with overwhelming likelihood) differs in each Emacs run.
The random seed is typically initialized from system entropy;
however, on obsolescent platforms lacking entropy pools,
the seed is taken from less-random volatile data such as the current time.
Sometimes you want the random number sequence to be repeatable. For
example, when debugging a program whose behavior depends on the random
number sequence, it is helpful to get the same behavior in each
program run. To make the sequence repeat, execute (random "")
.
This sets the seed to a constant value for your particular Emacs
executable (though it may differ for other Emacs builds). You can use
other strings to choose various seed values.
This function returns a pseudo-random integer. Repeated calls return a series of pseudo-random integers.
If limit is a positive integer, the value is chosen to be
nonnegative and less than limit. Otherwise, the value might be
any fixnum, i.e., any integer from most-negative-fixnum
through
most-positive-fixnum
(see Integer Basics).
If limit is a string, it means to choose a new seed based on the
string’s contents. This causes later calls to random
to return
a reproducible sequence of results.
If limit is t
, it means to choose a new seed as if Emacs
were restarting. This causes later calls to random
to return
an unpredictable sequence of results.
If you need a random nonce for cryptographic purposes, using
random
is typically not the best approach, for several reasons:
(random t)
to consult system entropy,
doing so can adversely affect other parts of your program that benefit
from reproducible results.
random
is not necessarily suitable for cryptography.
(random t)
does not give direct access to system
entropy; the entropy is passed through the system-dependent PRNG, thus
possibly biasing the results.
(random t)
call leaves information about the nonce scattered
about Emacs’s internal state, increasing the size of the internal
attack surface.
(random t)
is
seeded from a cryptographically weak source.