A deterministic computer program cannot generate true random
numbers. For most purposes, *pseudo-random numbers* suffice. A
series of pseudo-random numbers is generated in a deterministic
fashion. The numbers are not truly random, but they have certain
properties that mimic a random series. For example, all possible
values occur equally often in a pseudo-random series.

Pseudo-random numbers are generated from a *seed value*. Starting from
any given seed, the `random`

function always generates the same
sequence of numbers. By default, Emacs initializes the random seed at
startup, in such a way that the sequence of values of `random`

(with overwhelming likelihood) differs in each Emacs run.
The random seed is typically initialized from system entropy;
however, on obsolescent platforms lacking entropy pools,
the seed is taken from less-random volatile data such as the current time.

Sometimes you want the random number sequence to be repeatable. For
example, when debugging a program whose behavior depends on the random
number sequence, it is helpful to get the same behavior in each
program run. To make the sequence repeat, execute `(random "")`

.
This sets the seed to a constant value for your particular Emacs
executable (though it may differ for other Emacs builds). You can use
other strings to choose various seed values.

- Function:
**random**`&optional limit`¶ This function returns a pseudo-random integer. Repeated calls return a series of pseudo-random integers.

If

`limit`is a positive integer, the value is chosen to be nonnegative and less than`limit`. Otherwise, the value might be any fixnum, i.e., any integer from`most-negative-fixnum`

through`most-positive-fixnum`

(see Integer Basics).If

`limit`is a string, it means to choose a new seed based on the string’s contents. This causes later calls to`random`

to return a reproducible sequence of results.If

`limit`is`t`

, it means to choose a new seed as if Emacs were restarting. This causes later calls to`random`

to return an unpredictable sequence of results.

If you need a random nonce for cryptographic purposes, using
`random`

is typically not the best approach, for several reasons:

- Although you can use
`(random t)`

to consult system entropy, doing so can adversely affect other parts of your program that benefit from reproducible results. - The system-dependent pseudo-random number generator (PRNG) used by
`random`

is not necessarily suitable for cryptography. - A call to
`(random t)`

does not give direct access to system entropy; the entropy is passed through the system-dependent PRNG, thus possibly biasing the results. - On typical platforms the random seed contains only 32 bits, which is typically narrower than an Emacs fixnum, and is not nearly enough for cryptographic purposes.
- A
`(random t)`

call leaves information about the nonce scattered about Emacs’s internal state, increasing the size of the internal attack surface. - On obsolescent platforms lacking entropy pools,
`(random t)`

is seeded from a cryptographically weak source.