Security of random number generators: BCryptGenRandom vs RNGCryptoServiceProvider

2023-09-05 03:43:14 Author: 冷月烟雨

For those in a hurry, this is NOT related to the controversial Dual_EC_DRBG planted inside NIST's SP800-90A.

About the two RNGs:

The Microsoft BCRYPT layer based one is over their C API. BCryptGenRandom is following NIST SP800-90A's CTR_DRBG (i.e. uses an approved block cipher, AES, to create random bits). However it is unclear if it uses a hardware random source as seed (or part of the seed)...

The Microsoft .NET RNGCryptoServiceProvider is C# based. Looking at the .NET source code (or here), I see it ends up calling the C++ method CapiNative.GenerateRandomBytes(). There should have been a P/Invoke stub for the C#=>C++ transition but I couldn't find it anywhere in the framework source. So I have no idea how it's actually implemented.

Does anyone have additional information on these two random number generators? Do either/both use HW random seeds (either via diode noise in older Intels or the controversial RDRAND in the latest Intels)?

PS: Not sure if this should be at Security, StackOverflow or Cryptography ...

Solution

The Microsoft .NET RNGCryptoServiceProvider is a C# based

Not exactly, the managed framework class is just a thin wrapper over the Crypto API built into Windows. All the System.Security.Cryptography classes whose names end with ServiceProvider are wrappers for the native API. Those whose names end in Managed are implemented in pure managed code. Accordingly, the XxxServiceProvider classes use FIPS validated cryptography, and the XxxManaged classes are not.

It is not exactly pinvoke, it uses a common mechanism to make direct calls in CLR code. The jitter consults a table with addresses of C++ functions and compiles the CALL machine code instruction directly. The mechanism is described in this answer. Having a look at the actual code isn't possible, it isn't included in the SSCLI20 distribution and was altered to use the QCall mechanism in .NET 4.

So the assertion is unprovable, but it is pretty likely that RNGCryptoServiceProvider and the algorithm provider you pass to BCryptGenRandom() use the same source for random numbers. Which in Windows is an unnamed exported function in advapi.dll, this answer gives an excellent summary of what it uses.

If this truly concerns you and you want a reliable source of information then don't take advice from a free Q+A web site for your security needs. Call Microsoft Support.
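
The two call paths discussed above, side by side, as an added example that is not part of the original question or answer. The class and method names are hypothetical, and passing a null algorithm handle with BCRYPT_USE_SYSTEM_PREFERRED_RNG is an assumption about how the caller uses BCryptGenRandom; the code shows how each API is invoked and checked, not what seeds either one.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Cryptography;

// Hypothetical demo class (Windows only): both routes to OS-provided random bytes.
static class RngPaths
{
    // Flag from bcrypt.h: use the system-preferred RNG; hAlgorithm must then be NULL.
    const uint BCRYPT_USE_SYSTEM_PREFERRED_RNG = 0x00000002;

    // Native CNG entry point; the return value is an NTSTATUS.
    [DllImport("bcrypt.dll")]
    static extern int BCryptGenRandom(IntPtr hAlgorithm, [Out] byte[] pbBuffer,
                                      uint cbBuffer, uint dwFlags);

    // Direct call into the native API.
    static byte[] FromBCrypt(int count)
    {
        var buffer = new byte[count];
        int status = BCryptGenRandom(IntPtr.Zero, buffer, (uint)buffer.Length,
                                     BCRYPT_USE_SYSTEM_PREFERRED_RNG);
        // NTSTATUS values below zero are errors. Never use the buffer after a
        // failed call: it would still hold the zeros it was allocated with.
        if (status < 0)
            throw new CryptographicException(
                string.Format("BCryptGenRandom failed, NTSTATUS 0x{0:X8}", status));
        return buffer;
    }

    // Managed wrapper; per the answer, a thin layer over the native crypto API.
    static byte[] FromServiceProvider(int count)
    {
        var buffer = new byte[count];
        using (var rng = new RNGCryptoServiceProvider())
        {
            rng.GetBytes(buffer); // throws CryptographicException on failure
        }
        return buffer;
    }

    static void Main()
    {
        Console.WriteLine("BCryptGenRandom:          " +
                          BitConverter.ToString(FromBCrypt(32)));
        Console.WriteLine("RNGCryptoServiceProvider: " +
                          BitConverter.ToString(FromServiceProvider(32)));
    }
}
```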

 