Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is there a C++11 CSPRNG?

Tags:

c++

random

c++11

mersenne-twister

As we know, the Mersenne Twister is not crytographically secure:

Mersenne Twister is not cryptographically secure. (MT is based on a linear recursion. Any pseudorandom number sequence generated by a linear recursion is insecure, since from sufficiently long subsequencje of the outputs, one can predict the rest of the outputs.)

But many sources, like Stephan T. Lavavej and even this website. The advice is almost always (verbatim) to use the Mersenne Twister like this:

auto engine = mt19937{random_device{}()};

They come in different flavors, like using std::seed_seq or complicated ways of manipulating std::tm, but this is the simplest approach.

Even though std::random_device is not always reliable:

std::random_device may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) is not available to the implementation. In this case each std::random_device object may generate the same number sequence.

The /dev/urandom vs /dev/random debate rages on.

But while the standard library provides a good collection of PRNGs, it doesn't seem to provide any CSPRNGs. I prefer to stick to the standard library rather than using POSIX, Linux-only headers, etc. Can the Mersenne Twister be manipulated to make it cryptographically secure?

like image 888
user5287986 Avatar asked Sep 01 '15 10:09

user5287986

People also ask

What's the difference between a PRNG and Csprng?

PRNG encompasses all pseudo random number generators, from the horrible rand call in c, over suitable for simulations but not security ones like the mersenne twister, to the most secure cryptographic PRNG. CSPRNGs are simply the subset of PRNGs which are secure. Every stream cipher, including AES-CTR can act as CSPRNG.

What does CSPRNG do?

Secure Random Generators (CSPRNG) - Practical Cryptography for Developers. Cryptography secure pseudo-random number generators (CSPRNG) are random generators, which guarantee that the random numbers coming from them are absolutely unpredictable.

What do you use a cryptographically secure pseudo random number generator Csprng for?

Random numbers are widely used in encryption and security applications, usually to generate encryption keys or secret data to be shared between communication entities. Therefore a Random Number Generator (RNG) is a very important primitive for cryptographically secure applications [2].

What is cryptographically secure randomness?

A cryptographically secure pseudo random number generator (CSPRNG), is one where the number that is generated is extremely hard for any third party to predict what it might be.

1 Answers

Visual Studio guarantees that random_device is cryptographically secure and non-deterministic: https://msdn.microsoft.com/en-us/library/bb982250.aspx

If you want something faster or cross platform, you could for example use GnuTLS: http://gnutls.org/manual/html_node/Random-number-generation.html It provides random numbers of adjustable quality. GNUTLS_RND_RANDOM is what you want I think.

As several people already said, please forget about MT in cryptographic contexts.

like image 193
user1531083 Avatar answered Nov 08 '22 06:11

user1531083
Sign in to Comment

Related questions

c++, opencv: Is it safe to use the same Mat for both source and destination images in filtering operation?
C++ tellg() return type
Conditional operator + upcast + const reference
How to use basic_ostringstream with stateful custom allocator?? (C++11)
Is the static initialization of global variables completed before `main()`?
Default move constructor in a sub class
Is there a template debugger?
Destruction order of statically initialized, non-literal objects
How to specify compiler flag to a single source file with qmake?
How to fix unresolved externals of SDL 2.0.3 on Visual Studio 2015 Preview?
What is meaning of locality of data structure?
How to build Qt with custom compiler and custom flags?
Can a class hierarchy be safe and trivially copyable?
Limitations of Common Subexpression Elimination in C++
Linker error with variable templates
Initialize member before base constructor. Possible? [duplicate]
In C++11, how can I implement an arithmetic type that fits into the hierarchy of builtin types?
decltype() of captured variable in lambda: GCC bug and/or Clang bug?
Does the C++ standard force capture-by-reference of local variables to be inefficient? [duplicate]
Safely convert int to enum

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!