Home
C#
RNGCryptoServiceProvider Example
Updated May 2, 2023
Dot Net Perls
BitConverterbyte ArrayRandom

RNGCryptoServiceProvider

This generates high-quality random numbers. With it, we use an RNG (random number generator) that is as random as possible.

This helps in applications where random numbers must be completely random. RNGCryptoServiceProvider has a cost: it reduces performance over the Random type.

Example

The most useful method on RNGCryptoServiceProvider is the GetBytes method. You can enclose it in a using-statement. We fill a 4-byte array with GetBytes 10 times.

Then We use BitConverter.ToInt32 to change those 4-byte arrays into integers. This yields random integers.
Result The output looks random. I haven't run any tests of randomness on RNGCryptoServiceProvider or compared it to the Random type.
using System;
using System.Security.Cryptography;

using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider())
{
    // Buffer storage.
    byte[] data = new byte[4];

    // Ten iterations.
    for (int i = 0; i < 10; i++)
    {
        // Fill buffer.
        rng.GetBytes(data);

        // Convert to int 32.
        int value = BitConverter.ToInt32(data, 0);
        Console.WriteLine(value);
    }
}
461315061
-1277834804
-1239389884
-1540126655
1669339804
1436197105
-473414988
-264059284
-1832694377
-1929982707

RandomNumberGenerator

In .NET 7, when we try to compile a program with RNGCryptoServiceProvider, we get a warning that it is obsolete. We can use RandomNumberGenerator to fix this.

Tip RandomNumberGenerator.Create is a static method. We can use it in a using-statement (much like RNGCryptoServiceProvider).
using System;
using System.Security.Cryptography;

// Use static RandomNumberGenerator class to fix compile-time warning.
using (var rng = RandomNumberGenerator.Create())
{
    byte[] data = new byte[4];
    rng.GetBytes(data);
    int value = BitConverter.ToInt32(data, 0);
    Console.WriteLine(value);
}
1290897236

We can benchmark RNGCryptoServiceProvider and Random. I tested methods that call Next() for Random. The objects were created outside of the inner loop.

Result It is clear from these results that you might end up with a slow program if you overuse RNGCryptoServiceProvider.
Time for one random int from RNGCryptoServiceProvider: 2796.19 ns
Time for one random int from Random:                      9.30 ns

Discussion

So when should you use RNGCryptoServiceProvider? My expectation is that for most programs, Random is sufficient and preferable due to its simplicity.

But For important programs RNGCryptoServiceProvider is better because it is less prone to problems with its randomness.

We looked at the RNGCryptoServiceProvider type. With this type, you can fill byte arrays with random values. Then you can convert those byte arrays to integral types or use them directly.

Dot Net Perls is a collection of pages with code examples, which are updated to stay current. Programming is an art, and it can be learned from examples.
Donate to this site to help offset the costs of running the server. Sites like this will cease to exist if there is no financial support for them.
Sam Allen is passionate about computer languages, and he maintains 100% of the material available on this website. He hopes it makes the world a nicer place.
This page was last updated on May 2, 2023 (new example).
Home
Changes
© 2007-2025 Sam Allen