As I see it, there are two kinds of random-number generators needed by applications:

- Unpredictable random generators (also known as "cryptographically strong" or "cryptographically secure") are needed by some applications for data security, usually in encryption or secure communication protocols, and in some online games. The goal here is to keep the random numbers from being guessed easily.
- Statistically random generators are needed by simulations and many games to bring an element of chance and variation to the application. The goal here is for each possible outcome to be equally likely. Statistically random generators can simulate dice, playing card shuffling, etc.

The following is a sketch of a C programming interface that specifies two functions that could meet these two needs.

```
int random(byte[] bytes, size_t size);
```

Generates random bits using an unpredictable-random implementation.

An unpredictable-random implementation generates random bits that are unpredictable, such that an outside party with no knowledge of the implementation's internal state can't guess the next bit of the random sequence correctly with more than a 50% chance, even with many months of effort and even if the random algorithm used and extremely many outputs of the implementation are known. This kind of implementation should also reseed its internal state from time to time to ensure each bit of the output is unpredictable even if an outside party somehow gains knowledge of its internal state.

Examples:

- The "/dev/urandom" device on many Unix-based operating systems.
- The CryptGenRandom function on Windows
- Cryptographic hash functions that take unpredictable signals as input (such as disk access and keystroke timings).

Unpredictable-random implementations should select algorithms that are reasonably fast for most applications.

"bytes" is a pointer to a byte array, "size" is the number of random bytes to generate. Each byte in each byte will be randomly set to 0 or 1. Returns 0 if the function succeeds, and nonzero otherwise.

```
int random_fast(byte[] bytes, size_t size);
```

Generates random bits using a statistical-random implementation. The implementation may instead use an unpredictable-random implementation as long as the function remains at least as fast, in the average case, as the statistical-random implementation it would otherwise use.

A statistical-random implementation generates random bits that do not show a deviation from uniform randomness in more than a negligible number of sequences with a huge number of generated bits, as can be detected by statistical tests, and each run of the implementation is almost certain to generate a different sequence of random bits than a significant number of runs before it. A statistical-random implementation may be seeded with random bits from an unpredictable-random implementation.

Examples:

- The XorShift random number generator
- The JKISS random number generator

Statistical-random implementations should select algorithms that are reasonably fast for most applications.

"bytes" is a pointer to a byte array, "size" is the number of random bytes to generate. Each byte in each byte will be randomly set to 0 or 1. Returns 0 if the function succeeds, and nonzero otherwise.

Note that in `random_fast`

I don't suggest any linear congruential algorithms as random number generators (such as the one used in Java's Random class); they're mostly too simple and usually don't have appropriate statistical properties for uniform randomness.