crypto#randomBytes 有多随机? [英] How random is crypto#randomBytes?
问题描述
crypto.randomBytes(20).toString('hex') 的随机性如何?
就这么简单,我需要知道的一切.
crypto.randomBytes() 有多随机?通常,足够随机,可用于您需要的任何目的.
crypto.randomBytes() 生成加密安全随机数据:
crypto.randomBytes(size[, callback])
生成加密强的伪随机数据.size 参数是一个数字,表示要生成的字节数.
这意味着随机数据足够安全,可以用于加密目的.事实上,该函数是只是围绕OpenSSL的一个包装器RAND_bytes() 函数.他们文档的这一部分指出:
RAND_bytes 将获取加密强随机字节.加密强字节适用于高完整性需求,例如长期密钥生成.如果您的生成器使用的是软件算法,那么字节将是伪随机的(但仍然具有很强的加密性).
除非您有硬件随机数生成器,否则字节将是伪随机——根据种子值可预测地生成.种子是从 操作系统特定源 (/dev/urandom 在类 Unix 系统上,CryptGenRandom 在 Windows 上).只要您的种子是相对随机的并且攻击者不知道,产生的数据就会看起来完全随机.
如果您愿意,可以在此处执行所述测试:><块引用>
给定任意二进制数字序列,可以使用统计技术对其进行检查.有各种可用的统计测试套件,例如 NIST 的 RANDOM NUMBER GENERATION 页面提供的 STS(统计测试套件).该套件提供了许多不同的测试,包括:
- 频率(单比特)测试:检查给定序列中 0 和 1 的比例是否与预期大致相同
- 运行测试:测试给定序列中不同长度的连续相同数字的运行次数是否符合预期
- 块中最长的单次运行:确认序列中最长的单次运行是否符合预期
这可以很好地说明生成器在系统上的随机性.不过请放心,它可能与真正的随机来源几乎无法区分,因此对于几乎所有应用程序而言,它都应该具有足够的随机性.
How random is crypto.randomBytes(20).toString('hex')?
Easy as that, all I need to know.
How random is crypto.randomBytes()? Usually, random enough for whatever purpose you need.
crypto.randomBytes() generates cryptographically secure random data:
crypto.randomBytes(size[, callback])
Generates cryptographically strong pseudo-random data. The size argument is a number indicating the number of bytes to generate.
This means that the random data is secure enough to use for encryption purposes. In fact, the function is just a wrapper around OpenSSL's RAND_bytes() function. This part of their documentation states:
RAND_bytes will fetch cryptographically strong random bytes. Cryptographically strong bytes are suitable for high integrity needs, such as long term key generation. If your generator is using a software algorithm, then the bytes will be pseudo-random (but still cryptographically strong).
Unless you have a hardware random number generator, the bytes will be pseudo-random—generated predictably from a seed value. The seed is generated from an OS-specific source (/dev/urandom on Unix-like systems, CryptGenRandom on Windows). As long as your seed is relatively random and not known to an attacker, the data produced will appear totally random.
If you like, you could perform the test described here:
Given any arbitrary sequence of binary digits it is possible to examine it using statistical techniques. There are various suites of statistical tests available such as STS (Statistical Test Suite) available from NIST's RANDOM NUMBER GENERATION page. This suite provides a number of different tests including:
- The Frequency (Monobit) Test: Checks whether the proportion of 0s and 1s in a given sequence are approximately as one would expect
- The Runs Test: Tests whether the number of runs of consecutive identical digits of varying lengths within a given sequence is as expected
- The Longest Run of Ones in a block: Confirms whether the longest single run of ones within a sequence is as would be expected
That would give you a very good indication on how random your generator is on your system. Rest assured, though, that it's likely to be virtually indistinguishable from a truly random source, so it should be sufficiently random for nearly any application.
这篇关于crypto#randomBytes 有多随机?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
