mardi 1 septembre 2015

Is there a C++11 CSPRNG?

As we know, the Mersenne Twister is not crytographically secure1:

Mersenne Twister is not cryptographically secure. (MT is based on a linear recursion. Any pseudorandom number sequence generated by a linear recursion is insecure, since from sufficiently long subsequence of the outputs, one can predict the rest of the outputs.)

But many sources, like Stephan T. Lavavej2 and even this website3. The advice is almost always (verbatim) to use the Mersenne Twister like this:

auto engine = mt19937{random_device{}()};

They come in different flavors, like using std::seed_seq or complicated ways of manipulating std::tm, but this is the simplest approach.

Even though std::random_device is not always reliable4:

std::random_device may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) is not available to the implementation. In this case each std::random_device object may generate the same number sequence.

The /dev/urandom vs /dev/random debate rages on5.

But while the standard library provides a good collection of PRNGs, it doesn't seem to provide any CSPRNGs. I prefer to stick to the standard library rather than using POSIX, Linux-only headers, etc. Can the Mersenne Twister be manipulated to make it cryptographically secure?

Links

  1. <http://ift.tt/1JJhnsb;

  2. rand() Considered Harmful, Going Native 2013

    <http://ift.tt/1NUKcYY;

  3. Random number generation in C++11 , how to generate , how do they work?

    <http://ift.tt/1JJhnsh;

  4. <http://ift.tt/1JJhlR5;

  5. Myths about /dev/urandom

    <http://ift.tt/1JJhlR7;

Aucun commentaire:

Enregistrer un commentaire