[Haskell-cafe] Cryptographically secure random numbers?
thomas.dubuisson at gmail.com
Sun Oct 5 17:21:47 UTC 2014
I've reviewed a few of the crypto RNGs on my blog:
- DRBG (disclaimer: my package)
Three generators, HMAC, Hash, and CTR. All standards based and all
using the Crypto.Random class interface from crypto-api.
One generator, afaict its an ad hoc creation of the author.
Another ad hoc creation, but its more straight-forward (AES in counter
mode) and has impressive performance.
> Ideally, I'd like to fulfill as many of these points as possible:
> - Few big/complicated dependencies.
True for threse packages, though my DRBG package does pull in crypto-api.
> - Avoid native C if possible (ditto for non-base dependencies).
Avoid native C or avoid external C libraries? The DRBG generators
could be paired with Adam's SHA package or Vincent's Haskell AES to
give you a Haskell-only generator, but it will be slower than using
the C implementations of AES or SHA2. This seems like a rather odd
> - Avoid RDRAND if possible.
That's about the seed and not the generator. The `entropy` package
now produces data that is an xor of urandom (or Windows cryptapi) and
RDRAND (when available). RDRAND can be completely disabled by a flag
in the cabal.
I'm not sure what the `crypto-random` package does here, which is the
entropy source typically used by `cprng-aes`, but I'd avoid it just
because its lack of referential transparency.
> - Cross-platform if possible, but the main platform would be Linux.
I think all of these are cross platform and in the past all the
authors have been fairly responsive so send in any issues.
More information about the Haskell-Cafe