std :: random_device密码安全吗? [英] Is std::random_device cryptographic secure?

问题描述

我看到许多人一起谈论安全性和 std :: random_device .

I see many people talk about security and std::random_device together.

例如，根据 cppreference ， std :: random_device :

std :: random_device是均匀分布的整数随机数生成器，它生成不确定的随机数.

std::random_device is a uniformly-distributed integer random number generator that produces non-deterministic random numbers.

它没有明确地讨论安全性.

It does not talk about security explicitly.

是否存在任何明确提及 std :: random_device 的有效引用对密码术是安全的?

Is there any valid reference that explicitly mentions std::random_device is secure for cryptography?

推荐答案

否，因为这不是 std :: random_device 的设计目标；它被设计为生成随机数，而不是安全的.

No, because that's not what std::random_device is designed for; it's designed to generate random numbers, not to be secure.

在安全性方面，随机性对于密钥生成很有用，但是随机性并不是绝对必要的.例如， AES 不使用任何随机性，但是AES-256是用于加密顶部美国的机密信息.

In the context of security, randomness is something that is useful for key generation, but randomness is not something that is absolutely needed. For example, AES does not use any randomness, yet AES-256 is what is used to encrypt top secret information in the US.

随机密钥和安全性交叉的一个区域是生成和使用随机密钥的时间；如果我能猜出种子并知道所使用的随机协议，那么很有可能我可以使用相同的种子值生成相同的随机"值，从而生成相同的密钥.

One area where randomness and security cross, is when a random key is generated and used; if I can guess the seed and know the random protocol used, there's a good chance I can then use that same seed value to generate the same "random" value and thus the same key.

std :: random_device 将如果可用，请使用硬件模块(例如硬件 TPM )，否则它将使用任何操作系统具有RNG格式(例如 CryptGenRandom ，或 /dev/random (在* nix系统中)，甚至可能是PRNG(伪随机数生成器)，根据所使用的随机数算法，它可能会生成相同的数字.附带说明一下:很像 AES指令集被集成到芯片组中以加快加密和加密的速度.解密，硬件RNG 有助于在移动算法时提供更大的熵池和更快的随机数生成进入硬件.

std::random_device will use a hardware module (like a hardware TPM) if one is available, otherwise it will use whatever the OS has as a RNG (like CryptGenRandom in Windows, or /dev/random in *nix systems), which might even be a PRNG (pseudo-random number generator), which might generate the same number depending on the random number algorithm used. As a side note: much like how the AES instruction set was incorporated into chipsets to speed up encryption and decryption, hardware RNG's help to give a larger entropy pool and faster random number generation as the algorithms are moved into hardware.

因此，如果您在任何类型的加密密钥生成中使用 std :: random_device ，则需要知道要在其上部署的系统上使用的随机数生成器，否则可能会发生冲突，因此您的加密系统很容易受到重复的密钥攻击类型的影响.

So if you are using std::random_device in any sort of cryptographic key generation, you'll need to be aware what random number generator is being used on the system being deployed to, otherwise you can have collisions and thus your encrypted system can be susceptible to duplicate key types of attack.

希望可以提供帮助.

这篇关于std :: random_device密码安全吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！