Difference between CryptGenRandom and CNG BCryptGenRandom APIs

Question

One of our products is currently using the CryptGenRandom API for random number generation. Recently, I came across the Cryptography API: Next Generation (CNG) that provides a new API BCryptGenRandom (in bcrypt.h) for the same. As per the description provided in MSDN - both APIs comply with the NIST SP800-90 standard in Windows Vista with Service Pack 1 (SP1) and later.

1. If I go with the default Microsoft provider, is there any difference in the random number generation process between the two APIs?
2. If there isn't any difference, should I move to the CNG API because CNG is the long-term replacement for the CryptoAPI?

Answer 1

Regarding your first question, no, as you point out, per MSDN, both APIs use the same pseudo-random number generator algorithm. Probably more relevant is to point out that both APIs use the same Windows kernel entropy source to feed the PRNG.

Regarding your second question, this is more interesting, because it raises the question of whether the host has a higher-quality RNG available as a 3rd party add-on (an example is a Hardware Security Module, HSM). A hardware RNG could be exposed via CNG (BCryptGenRandom), legacy CAPI (Crypto API, CryptGenRandom), and/or as a kernel mode entropy source. If either, but not both, of the first two, your app only benefits if it calls that specific RNG API. But if the hardware RNG is installed as a kernel entropy source, then your app benefits either way.

Whether any of this matters is more a question of the nature of your app and how it's typically used. If crypto hardware isn't likely to be part of the deployment story, then I see little reason to change your code. But if your product and crypto hardware tend to show up on the same host, your customers will benefit from you lighting up that capability.