Random alphanumeric string

Cym13 cpicard at purrfect.fr
Tue Jan 31 06:29:24 UTC 2023


On Monday, 30 January 2023 at 17:13:17 UTC, Salih Dincer wrote:
> On Monday, 20 June 2022 at 12:40:05 UTC, Cym13 wrote:
>>
>> This works, but just a gentle reminder that this must not be 
>> used to generate secrets (passwords, tokens, IDs whose 
>> disclosure could be problematic...). std.random is not 
>> cryptographically secure and therefore not fit for any 
>> security-related purpose.
>
> Can you explain this a little more? Is it possible to write our 
> own randomness algorithms or manipulate Phobos Random()?
>
> SDB at 79

There are many kinds of randomness. Phobos' is good for 
statistical analysis and things like choosing a random name 
within a list for a character. It produces numbers that show no 
clear pattern and are spread across a given probability 
distribution. Very good for statistics.

But for security you need more. Can people that see one number 
predict the next one? What if they see 10000 numbers? And if they 
cannot predict the next number, can they know what the previous 
one was? Do the numbers end up looping at some point?

All of these scenarios lead to exploitable vulnerabilities if 
present in a security context. For example if the random number 
is used for a website's session token then it would allow you to 
deduce the session token of other people by looking at your own, 
giving you the tool to take over their account. This is what that 
comment as well as the warning in the documentation of std.random 
are about.

I've discussed PRNG-related topics in Phobos in the past:

- http://breakpoint.purrfect.fr/article/unpredictableSeed.html
- http://breakpoint.purrfect.fr/article/cracking_phobos_uuid.html

So how do we avoid that? There are pseudo-random generators that 
exist and are designed with more constraints to avoid any of the 
issues we mentioned and more. These are Cryptographically Secure 
Pseudo-Random Number Generators (CSPRNG). On Linux for example 
/dev/urandom is such a CSPRNG. I know vibe.d exposes a CSPRNG as 
part of its library as well.

I would love to see a CSPRNG interface in Phobos, but at the 
moment it doesn't seem to be a priority 
(https://issues.dlang.org/show_bug.cgi?id=16493).
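One way to follow the advice in this post, as an added example that is not code from the thread, from Phobos or from vibe.d: read bytes from the kernel CSPRNG (/dev/urandom) instead of std.random, and map them onto an alphanumeric alphabet with rejection sampling so that every character is equally likely (a plain `byte % 62` would favour the first eight characters). The alphabet, the function names and the 64-byte pool size are assumptions made for this example, and it assumes a Linux system where /dev/urandom exists.

```d
import std.exception : assumeUnique, enforce;
import std.stdio : File, writeln;

/// Character set for the generated string (chosen for this example).
enum string alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                     ~ "abcdefghijklmnopqrstuvwxyz"
                     ~ "0123456789";

/// Fill `buf` entirely with bytes from the kernel CSPRNG.
/// rawRead may return fewer bytes than requested, so loop until full.
void fillRandom(ubyte[] buf)
{
    auto urandom = File("/dev/urandom", "rb");
    size_t got = 0;
    while (got < buf.length)
    {
        auto chunk = urandom.rawRead(buf[got .. $]);
        enforce(chunk.length > 0, "short read from /dev/urandom");
        got += chunk.length;
    }
}

/// Build a random alphanumeric string of length `len`.
/// 62 does not divide 256, so bytes >= 248 (the largest multiple of 62
/// that fits in a byte) are discarded and redrawn; the remaining bytes
/// map uniformly onto the 62 characters.
string randomAlnum(size_t len)
{
    enum ubyte limit = cast(ubyte)(256 - (256 % alphabet.length)); // 248
    auto result = new char[len];
    ubyte[64] pool;          // scratch buffer of random bytes (size is arbitrary)
    size_t filled = 0;
    while (filled < len)
    {
        fillRandom(pool[]);
        foreach (b; pool)
        {
            if (b >= limit)
                continue;    // rejection step: avoids modulo bias
            result[filled++] = alphabet[b % alphabet.length];
            if (filled == len)
                break;
        }
    }
    return assumeUnique(result); // `result` is not referenced again
}

void main()
{
    // Example use: a 32-character token (~190 bits of entropy).
    writeln(randomAlnum(32));
}
```

Because every byte is either used once or thrown away, the output is uniform over the alphabet and its unpredictability is that of the kernel generator rather than of a seedable Mersenne Twister. On a non-Linux platform the file read should be replaced with the OS's own CSPRNG call; the rest of the code stays the same.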

