 

Is there a C++11 CSPRNG?

As we know, the Mersenne Twister is not cryptographically secure:

Mersenne Twister is not cryptographically secure. (MT is based on a linear recursion. Any pseudorandom number sequence generated by a linear recursion is insecure, since from a sufficiently long subsequence of the outputs, one can predict the rest of the outputs.)

But many sources, like Stephan T. Lavavej and even this website, recommend it anyway. The advice is almost always (verbatim) to use the Mersenne Twister like this:

auto engine = mt19937{random_device{}()};

They come in different flavors, like using std::seed_seq or complicated ways of manipulating std::tm, but this is the simplest approach.

Even though std::random_device is not always reliable:

std::random_device may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) is not available to the implementation. In this case each std::random_device object may generate the same number sequence.

The /dev/urandom vs /dev/random debate rages on.

But while the standard library provides a good collection of PRNGs, it doesn't seem to provide any CSPRNGs. I prefer to stick to the standard library rather than using POSIX, Linux-only headers, etc. Can the Mersenne Twister be manipulated to make it cryptographically secure?

user5287986 asked Sep 01 '15 10:09


1 Answer

Visual Studio guarantees that random_device is cryptographically secure and non-deterministic: https://msdn.microsoft.com/en-us/library/bb982250.aspx

If you want something faster or cross platform, you could for example use GnuTLS: http://gnutls.org/manual/html_node/Random-number-generation.html It provides random numbers of adjustable quality. GNUTLS_RND_RANDOM is what you want I think.

As several people already said, please forget about MT in cryptographic contexts.

user1531083 answered Nov 08 '22 06:11
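An added example, not code from the question or the answer above: it draws key material straight from std::random_device as the answer recommends, adds a runtime sanity check for the deterministic-fallback caveat quoted in the question, and contrasts that with the mt19937 idiom, whose whole stream is fixed by its 32-bit seed. The function names (random_bytes, generate_key256 and the rest) are my own.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <random>
#include <stdexcept>

// Fill a fixed-size array with bytes drawn straight from std::random_device.
// MSVC, libstdc++ and libc++ back this with the OS entropy source, but the
// standard only requires non-determinism "if available", hence the check below.
template <std::size_t N>
std::array<std::uint8_t, N> random_bytes() {
    std::random_device rd;
    std::array<std::uint8_t, N> out{};
    std::size_t i = 0;
    while (i < N) {
        // result_type is an unsigned int of at least 32 bits; split it into bytes.
        std::random_device::result_type v = rd();
        for (std::size_t k = 0; k < sizeof(v) && i < N; ++k, ++i)
            out[i] = static_cast<std::uint8_t>(v >> (8 * k));
    }
    return out;
}

// Runtime check for the caveat quoted in the question: if random_device has
// fallen back to a fixed-seed engine, every object emits the same sequence,
// so two independently constructed devices agreeing is a red flag.
bool random_device_looks_nondeterministic() {
    std::random_device a, b;
    std::array<std::random_device::result_type, 8> sa{}, sb{};
    for (auto& x : sa) x = a();
    for (auto& x : sb) x = b();
    return sa != sb;
}

// Produce a 256-bit key, refusing to continue when the check above fails.
std::array<std::uint8_t, 32> generate_key256() {
    if (!random_device_looks_nondeterministic())
        throw std::runtime_error("std::random_device appears deterministic");
    return random_bytes<32>();
}

// Contrast with the idiom in the question: mt19937{random_device{}()} seeds
// a 19937-bit state from one 32-bit value, so the entire output stream is a
// function of that seed (at most 2^32 distinct streams). Same seed, same stream.
bool mt19937_stream_is_determined_by_seed(unsigned seed, int draws) {
    std::mt19937 e1{seed}, e2{seed};
    for (int i = 0; i < draws; ++i)
        if (e1() != e2()) return false;
    return true;
}
```

The check catches only the degenerate "same sequence every time" case; it cannot tell a good OS source from a weak one, so it complements, rather than replaces, knowing what your platform's random_device actually reads.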