So far I have been using PHP to create cryptographically secure random values, with openssl_random_pseudo_bytes. I would like to generate a cryptographically secure token within a stored function. Is RAND() what I am looking for, or is it not cryptographically secure?
I was looking into the same issue. RANDOM_BYTES(len) seems to be the solution that we have been looking for.
https://dev.mysql.com/doc/refman/5.7/en/encryption-functions.html#function_random-bytes
I would use something like HEX(RANDOM_BYTES(length_of_session_cookie))
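The HEX(RANDOM_BYTES(...)) approach from the answer above, wrapped in a stored function. This is an added example, not code from the original posts; the function name new_token and the 16-byte minimum are assumptions made for illustration.

```sql
-- Added example: token generation inside a MySQL stored function.
-- new_token and the 16-byte floor are illustrative choices, not from the page.
DELIMITER //

CREATE FUNCTION new_token(n_bytes INT)
RETURNS VARCHAR(2048) CHARSET ascii
NOT DETERMINISTIC
NO SQL
BEGIN
    -- RANDOM_BYTES() accepts lengths from 1 to 1024 and errors outside
    -- that range. Reject short requests too, so a caller cannot ask for
    -- a token that is small enough to guess.
    IF n_bytes IS NULL OR n_bytes < 16 OR n_bytes > 1024 THEN
        SIGNAL SQLSTATE '45000'
            SET MESSAGE_TEXT = 'n_bytes must be between 16 and 1024';
    END IF;

    -- RANDOM_BYTES() draws from the random number generator of the SSL
    -- library, unlike RAND(). HEX() doubles the length: n bytes give
    -- 2*n characters.
    RETURN HEX(RANDOM_BYTES(n_bytes));
END //

DELIMITER ;

-- 32 random bytes, returned as a 64-character hex string.
SELECT new_token(32) AS token, CHAR_LENGTH(new_token(32)) AS token_chars;
```

Because the result is nondeterministic, statements that call this function are unsafe for statement-based replication; use row-based or mixed binary logging if the token is written to a replicated table.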
http://dev.mysql.com/doc/refman/5.7/en/mathematical-functions.html
RAND() is not meant to be a perfect random generator. It is a fast way to generate random numbers on demand that is portable between platforms for the same MySQL version.
If the developer says that he didn't develop his function to be perfectly random, for me it means the function is probably not perfectly random. And for cryptography you want it as random as possible.