Is there a C++11 CSPRNG?
Question
As we know, the Mersenne Twister is not cryptographically secure:
Mersenne Twister is not cryptographically secure. (MT is based on a linear recursion. Any pseudorandom number sequence generated by a linear recursion is insecure, since from a sufficiently long subsequence of the outputs, one can predict the rest of the outputs.)
But many sources, like Stephan T. Lavavej and even this website, give the same advice almost verbatim: use the Mersenne Twister like this:
auto engine = mt19937{random_device{}()};
They come in different flavors, like using std::seed_seq or complicated ways of manipulating std::tm, but this is the simplest approach.
Even std::random_device isn't always reliable:
std::random_device may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) is not available to the implementation. In this case each std::random_device object may generate the same number sequence.
And the /dev/urandom vs. /dev/random debate rages on.
But while the standard library provides a good collection of PRNGs, it doesn't seem to provide any CSPRNGs. I prefer to stick to the standard library rather than using POSIX, Linux-only headers, etc. Can the Mersenne Twister be manipulated to make it cryptographically secure?
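To make the quoted point concrete, here is an added example (not from the question, the answer, or any library) that recovers the internal state of std::mt19937 from 624 consecutive outputs using only the public MT19937 tempering and recurrence, then reproduces every later output. The seed, whether it came from std::random_device or not, plays no role, which is why seeding cannot make MT cryptographically secure; MtPredictor and predicts_std_mt19937 are names invented for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <random>
#include <vector>
// MT19937 output tempering, exactly as std::mt19937 applies it to each state word.
static uint32_t temper(uint32_t y) {
    y ^= y >> 11;
    y ^= (y << 7) & 0x9d2c5680u;
    y ^= (y << 15) & 0xefc60000u;
    y ^= y >> 18;
    return y;
}
// Inverse of temper(): each step is an invertible xor-shift, so the raw state word
// is recoverable from the observed output alone.
static uint32_t untemper(uint32_t y) {
    y ^= y >> 18;                        // shift >= 16: a single application inverts it
    y ^= (y << 15) & 0xefc60000u;        // mask has bits 0..16 clear: single application too
    uint32_t x = y;
    for (int i = 0; i < 5; ++i) x = y ^ ((x << 7) & 0x9d2c5680u);  // recovers 7 bits per round
    y = x;
    for (int i = 0; i < 3; ++i) x = y ^ (x >> 11);                  // recovers 11 bits per round
    return x;
}
// Given any 624 consecutive outputs (from any point in the stream), reproduce every
// later output by running the public MT19937 recurrence forward on recovered words.
class MtPredictor {
    std::vector<uint32_t> st_;           // recovered state words x_j, oldest first
public:
    explicit MtPredictor(const std::vector<uint32_t>& outputs) {
        for (uint32_t o : outputs) st_.push_back(untemper(o));
    }
    uint32_t next() {
        const std::size_t n = st_.size();   // st_[n-624 .. n-1] hold x_{k-624} .. x_{k-1}
        uint32_t y = (st_[n - 624] & 0x80000000u) | (st_[n - 623] & 0x7fffffffu);
        uint32_t x = st_[n - 624 + 397] ^ (y >> 1) ^ ((y & 1u) ? 0x9908b0dfu : 0u);
        st_.push_back(x);                   // x_k, the engine's next raw state word
        return temper(x);                   // the engine's next output
    }
};
// Seed std::mt19937 with `seed` (irrelevant to the recovery), skip `skip` outputs,
// observe the next 624, then verify `check` further predictions against the engine.
bool predicts_std_mt19937(uint32_t seed, std::size_t skip, std::size_t check) {
    std::mt19937 engine(seed);
    engine.discard(skip);
    std::vector<uint32_t> seen;
    for (int i = 0; i < 624; ++i) seen.push_back(static_cast<uint32_t>(engine()));
    MtPredictor pred(seen);
    for (std::size_t i = 0; i < check; ++i)
        if (pred.next() != static_cast<uint32_t>(engine())) return false;
    return true;
}
```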
Answer
Visual Studio guarantees that random_device is cryptographically secure and non-deterministic: https://msdn.microsoft.com/en-us/library/bb982250.aspx
If you want something faster or cross-platform, you could for example use GnuTLS: http://gnutls.org/manual/html_node/Random-number-generation.html
It provides random numbers of adjustable quality. GNUTLS_RND_RANDOM is what you want, I think.
As several people already said, please forget about MT in cryptographic contexts.