PineWikiIf you want random values in a C program, there are three typical ways of getting them, depending on how good (i.e. uniform, uncorrelated, and unpredictable) you want them to be.
1. The rand function from the standard library
E.g.
1 #include <stdio.h>
2 #include <stdlib.h>
3
4 int
5 main(int argc, char **argv)
6 {
7 printf("%d\n", rand());
8 return 0;
9 }
The rand function, declared in stdlib.h, returns a random integer in the range 0 to RAND_MAX (inclusive) every time you call it. On machines using the GNU C library RAND_MAX is equal to INT_MAX or 231-1, but it may be as small as 32767. There are no particularly strong guarantees about the quality of random numbers that rand returns, but it should be good enough for casual use, and has the advantage that as part of the C standard you can assume it is present almost everywhere.
Note that rand is a pseudorandom number generator: the sequence of values it returns is predictable if you know its starting state (and is still predictable from past values in the sequence even if you don't know the starting state, if you are clever enough). It is also the case that the initial seed is fixed, so that the program above will print the same value every time you run it (this is a feature: it permits debugging randomized programs).
If you want to get different sequences, you need to seed the random number generator using srand. A typical use might be:
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <time.h>
4
5 int
6 main(int argc, char **argv)
7 {
8 srand(time(0));
9 printf("%d\n", rand());
10 return 0;
11 }
Here time(0) returns the number of seconds since the epoch (00:00:00 UTC, January 1, 1970, for POSIX systems, not counting leap seconds). Note that this still might give repeated values if you run it twice in the same second.
2. Better pseudorandom number generators
There has been quite a bit of research on pseudorandom number generators over the years, and much better pseudorandom number generators than rand are available. The current champion for simulation work is the Mersenne Twister, which runs about 4 times faster than rand in its standard C implementation and passes a much wider battery of statistical tests. Its English-language home page is at http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html. As with rand, you still need to provide an initial seed value.
There are also cryptographically secure pseudorandom number generators, of which the most famous is Blum_Blum_Shub. These cannot be predicted based on their output if seeded with a true random value (under certain cryptographic assumptions: hardness of factoring for Blum Blum Shub). Unfortunately, cryptographic PRNGs are usually too slow for day-to-day use, and so are used mostly in cryptography.
3. Random numbers without the pseudo
If you really need actual random numbers and are on a Linux or BSD-like operating system, you can use the special device files /dev/random and /dev/urandom. These can be opened for reading like ordinary files, but the values read from them are a random sequence of bytes (including null characters). A typical use might be:
1 #include <stdio.h>
2
3 int
4 main(int argc, char **argv)
5 {
6 unsigned int randval;
7 FILE *f;
8
9 f = fopen("/dev/random", "r");
10 fread(&randval, sizeof(randval), 1, f);
11 fclose(f);
12
13 printf("%u\n", randval);
14
15 return 0;
16 }
(A similar construction can also be used to obtain a better initial seed for srand than time(0).)
Both /dev/random and /dev/urandom derive their random bits from physically random properties of the computer, like time between keystrokes or small variations in hard disk rotation speeds. The difference between the two is that /dev/urandom will always give you some random-looking bits, even if it has to generate extra ones using a cryptographic pseudo-random number generator, while /dev/random will only give you bits that it is confident are in fact random. Since your computer only generates a small number of genuinely random bits per second, this may mean that /dev/random will exhaust its pool if read too often. In this case, a read on /dev/random will block (just like reading a terminal with no input on it) until the pool has filled up again.
Neither /dev/random nor /dev/urandom is known to be secure against a determined attacker, but they are about the best you can do without resorting to specialized hardware.