How does Cygwin's /dev/random and urandom work?
 

Does anybody knows how does Cygwin's /dev/urandom works? Like, what algorithm it uses, where does the entropy comes from, stuff like that?

I'm considering if this device's randomness is worth using to erase an entire drive from Windows, or whether it's faster than Debian's /dev/urandom which tops at 12 MB/s on my desktop computer (using two concurrent dd processes), which is far too slow when you have to generate like 500 GB of pseudorandom data.

The cygwin /dev/random makes use of the underlying CryptGenRandom from the Windows API. This draws from a number of entropy sources (though the code is not open source), such as process id, thread id, system clock, system time, a hash of the user environment block, and so on.

The cygwin /dev/urandom falls back to a pseudo random generator based on the linear congruence one described in Knuth (with a multiplier of 6364136223846793005 and shift of 21). Although it is a high quality random generator, it is not cryptographically strong, so if you really need more security than just writing zeros to the disk sectors (!), then /dev/urandom is perhaps not the best way to go.

If you are generating a significant amount of random data from /dev/urandom, don't forget to use block reads (so that the call overhead is minimized), or just implement the random generator yourself (it is only a few lines of code).