Is there a C++11 CSPRNG?


Question


As we know, the Mersenne Twister is not cryptographically secure:


Mersenne Twister is not cryptographically secure. (MT is based on a linear recursion. Any pseudorandom number sequence generated by a linear recursion is insecure, since from a sufficiently long subsequence of the outputs, one can predict the rest of the outputs.)


But many sources, like Stephan T. Lavavej and even this website, still recommend it. The advice is almost always (verbatim) to use the Mersenne Twister like this:

auto engine = mt19937{random_device{}()};


They come in different flavors, like using std::seed_seq or complicated ways of manipulating std::tm, but this is the simplest approach.

Even though std::random_device isn't always reliable:


std::random_device may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) is not available to the implementation. In this case each std::random_device object may generate the same number sequence.

And the /dev/urandom vs. /dev/random debate rages on.


But while the standard library provides a good collection of PRNGs, it doesn't seem to provide any CSPRNGs. I prefer to stick to the standard library rather than using POSIX, Linux-only headers, etc. Can the Mersenne Twister be manipulated to make it cryptographically secure?

Answer


Visual Studio guarantees that random_device is cryptographically secure and non-deterministic: https://msdn.microsoft.com/en-us/library/bb982250.aspx


If you want something faster or cross-platform, you could for example use GnuTLS: http://gnutls.org/manual/html_node/Random-number-generation.html. It provides random numbers of adjustable quality. GNUTLS_RND_RANDOM is what you want, I think.


As several people already said, please forget about MT in cryptographic contexts.
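The following is an added example, written for this page and not code from the asker or the answerer. It stays inside the standard library, as the question asks, and shows three things the thread talks about: taking bytes straight from std::random_device instead of routing them through a PRNG; a check for the failure mode quoted in the question, where an implementation with no non-deterministic source backs random_device with a fixed engine so two fresh objects emit the same sequence; and why the mt19937{random_device{}()} idiom is fine for simulations but not for keys, since a single 32-bit seed fixes the whole output stream. The function names secure_bytes, looks_deterministic, reported_entropy and mt_stream are this example's own.

```cpp
#include <cstdint>
#include <cstdio>
#include <random>
#include <vector>

// Fill a buffer with bytes taken directly from std::random_device.
// Each call to rd() yields one unsigned int (32 bits on common platforms);
// it is split into 4 bytes and never passed through std::mt19937 or any
// other PRNG, so the bytes are only as good as the device itself.
std::vector<unsigned char> secure_bytes(std::size_t n) {
    std::random_device rd;
    std::vector<unsigned char> out;
    out.reserve(n);
    while (out.size() < n) {
        std::uint32_t w = static_cast<std::uint32_t>(rd());
        for (int i = 0; i < 4 && out.size() < n; ++i) {
            out.push_back(static_cast<unsigned char>(w >> (8 * i)));
        }
    }
    return out;
}

// The failure mode quoted in the question: without a non-deterministic
// source, random_device may be a fixed PRNG, so two independently constructed
// objects produce the same sequence. Compares the first `words` outputs of two
// fresh devices. It can only prove the bad case (identical output); a result
// of false is not evidence that the device is cryptographically secure.
bool looks_deterministic(std::size_t words) {
    std::random_device a, b;
    for (std::size_t i = 0; i < words; ++i) {
        if (a() != b()) return false;
    }
    return true;
}

// Entropy estimate in bits per result_type value as reported by the
// implementation. Implementations may return 0 when they cannot estimate it,
// so this is advisory, not a security guarantee.
double reported_entropy() {
    std::random_device rd;
    return rd.entropy();
}

// The idiom from the question, mt19937{random_device{}()}, seeds the
// 19937-bit MT state from one 32-bit word. The stream is therefore a pure
// function of that word: at most 2^32 distinct streams exist, and anyone who
// knows (or guesses) the seed reproduces every output, as this function does.
std::vector<std::uint32_t> mt_stream(std::uint32_t seed, std::size_t n) {
    std::mt19937 engine{seed};
    std::vector<std::uint32_t> v(n);
    for (auto& x : v) x = engine();
    return v;
}

int main() {
    std::printf("random_device::entropy() = %.1f bits\n", reported_entropy());
    std::printf("two devices identical on first 8 words: %s\n",
                looks_deterministic(8) ? "YES (do not use for keys)" : "no");

    std::vector<unsigned char> key = secure_bytes(16);
    std::printf("16 bytes from random_device:");
    for (unsigned char c : key) std::printf(" %02x", c);
    std::printf("\n");

    // Same 32-bit seed, same MT stream: the seed is the whole secret.
    std::vector<std::uint32_t> a = mt_stream(12345u, 4);
    std::vector<std::uint32_t> b = mt_stream(12345u, 4);
    std::printf("mt19937 streams from equal seeds identical: %s\n",
                a == b ? "yes" : "no");
    return 0;
}
```

On libstdc++ and libc++ on Linux, random_device reads the kernel's random source (or a CPU instruction such as rdrand), so looks_deterministic returns false there; the check exists for the case the quoted paragraph warns about, where an implementation silently falls back to a PRNG. The mt_stream contrast is the point of the answer's "forget about MT in cryptographic contexts": seeding it from random_device does not make the engine any less deterministic, it just picks one of 2^32 fixed streams.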
