While looking for best attempts at generating truly random numbers, I stumbled upon this code example.
Looking for opinions on this snippet.
private static int NextInt(int min, int max)
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
byte buffer = new byte;
int result = BitConverter.ToInt32(buffer, 0);
return new Random(result).Next(min, max);
Random rand = new Random(Environment.TickCount);
RNGCryptoServiceProvider gives you an unguessable crypto-strength seed whereas
Environment.TickCount is, in theory, predictable.
Another crucial difference would be evident when calling your
NextInt method several times in quick succession. Using
RNGCryptoServiceProvider will seed the
Random object with a different crypto-strength number each time, meaning that it will go on to return a different random number for each call. Using
TickCount risks seeding the
Random object with the same number each time (if the method is called several times during the same "tick"), meaning that it will go on to return the same (supposedly random) number for each call.
If you genuinely need truly random numbers then you shouldn't be using a computer to generate them at all: you should be measuring radioactive decay or something similarly, genuinely unpredictable.