FAQ
Hello,

I've been looking around and I haven't been able to find a
cryptographically secure pseudorandom number generator (CSPRNG) for GO. I
did see a thread about crypto/Fortuna but it seems that it has been
discontinued for over 2 years. I would use crypt/rand but it's unclear how
I can seed it in a way that is shareable (i.e., if I were to share the seed
with someone else, they should be able to use it to generate the same
sequence of random numbers). I guess my question really is: is there anyone
out there who's implemented a CSPRNG? if not, I guess I'll just update the
old fortuna code and see if I can get it to work.

Thanks!

Search Discussions

  • Jan Mercl at Sep 1, 2012 at 6:18 am

    On Sat, Sep 1, 2012 at 4:34 AM, sga wrote:
    I've been looking around and I haven't been able to find a cryptographically
    secure pseudorandom number generator (CSPRNG) for GO. I did see a thread
    about crypto/Fortuna but it seems that it has been discontinued for over 2
    years. I would use crypt/rand but it's unclear how I can seed it in a way
    that is shareable (i.e., if I were to share the seed with someone else, they
    should be able to use it to generate the same sequence of random numbers). I
    guess my question really is: is there anyone out there who's implemented a
    CSPRNG? if not, I guess I'll just update the old fortuna code and see if I
    can get it to work.
    I *think* the FCPRNGs from
    http://go.pkgdoc.org/github.com/cznic/mathutil, based on some prime
    number properties are, when using N bits window of every M bits
    generated, N < M, cryptographically secure wrt state comprimising for
    some values of N, M. What concerns the pseudo randomness per se, here
    are some results for a window 8/32 bits and a default seed:
    https://github.com/cznic/mathutil/blob/master/nist-sts-2-1-1-report.

    -j
  • Dmitry Chestnykh at Sep 1, 2012 at 9:15 am

    On Saturday, September 1, 2012 4:34:00 AM UTC+2, sga wrote:
    Hello,

    I've been looking around and I haven't been able to find a
    cryptographically secure pseudorandom number generator (CSPRNG) for GO. I
    did see a thread about crypto/Fortuna but it seems that it has been
    discontinued for over 2 years. I would use crypt/rand but it's unclear how
    I can seed it in a way that is shareable (i.e., if I were to share the seed
    with someone else, they should be able to use it to generate the same
    sequence of random numbers). I guess my question really is: is there anyone
    out there who's implemented a CSPRNG? if not, I guess I'll just update the
    old fortuna code and see if I can get it to work.
    If you need CSPRNG with a sharable seed, why not use AES in CTR mode?
    http://golang.org/pkg/crypto/cipher/#NewCTR

    That would basically be the Fortuna's generator, providing that your seed
    is random, and excluding the key change, which might not make sense to do
    depending on how you share the seed.

    -Dmitry
  • Jochen Voss at Apr 6, 2014 at 8:29 pm
    Hi sga,
    On Saturday, 1 September 2012 03:34:00 UTC+1, sga wrote:

    I've been looking around and I haven't been able to find a
    cryptographically secure pseudorandom number generator (CSPRNG) for GO. I
    did see a thread about crypto/Fortuna but it seems that it has been
    discontinued for over 2 years. I would use crypt/rand but it's unclear how
    I can seed it in a way that is shareable (i.e., if I were to share the seed
    with someone else, they should be able to use it to generate the same
    sequence of random numbers). I guess my question really is: is there anyone
    out there who's implemented a CSPRNG? if not, I guess I'll just update the
    old fortuna code and see if I can get it to work.
    Just came across this by chance (and I know you asked the question a long
    time ago). There is now an implementation of Fortuna for Go available
    at https://github.com/seehuhn/fortuna .

    I hope this helps,
    Jochen

    --
    You received this message because you are subscribed to the Google Groups "golang-nuts" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Oleku Konko at Apr 6, 2014 at 11:07 pm
    A good implementation of Fortuna was proposed but stylishly rejected by the
    GO Team

    See:

    - https://codereview.appspot.com/42560043/

    -
    https://groups.google.com/forum/#!searchin/golang-dev/fortuna|sort:relevance|spell:true/golang-dev/q4VsFoeLxOQ/AtWOyPkHWMEJ

    I really hope that decision can be reviewed


    On Sunday, April 6, 2014 9:29:07 PM UTC+1, Jochen Voss wrote:

    Hi sga,
    On Saturday, 1 September 2012 03:34:00 UTC+1, sga wrote:

    I've been looking around and I haven't been able to find a
    cryptographically secure pseudorandom number generator (CSPRNG) for GO. I
    did see a thread about crypto/Fortuna but it seems that it has been
    discontinued for over 2 years. I would use crypt/rand but it's unclear how
    I can seed it in a way that is shareable (i.e., if I were to share the seed
    with someone else, they should be able to use it to generate the same
    sequence of random numbers). I guess my question really is: is there anyone
    out there who's implemented a CSPRNG? if not, I guess I'll just update the
    old fortuna code and see if I can get it to work.
    Just came across this by chance (and I know you asked the question a long
    time ago). There is now an implementation of Fortuna for Go available at
    https://github.com/seehuhn/fortuna .

    I hope this helps,
    Jochen
    --
    You received this message because you are subscribed to the Google Groups "golang-nuts" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Sga at Apr 7, 2014 at 12:06 am
    Thanks for your reply! Obviously I got around this issue a while ago, and
    ended up implementing ChaCha instead (see
    http://cr.yp.to/chacha/chacha-20080128.pdf).
    On Sunday, April 6, 2014 4:29:07 PM UTC-4, Jochen Voss wrote:

    Hi sga,
    On Saturday, 1 September 2012 03:34:00 UTC+1, sga wrote:

    I've been looking around and I haven't been able to find a
    cryptographically secure pseudorandom number generator (CSPRNG) for GO. I
    did see a thread about crypto/Fortuna but it seems that it has been
    discontinued for over 2 years. I would use crypt/rand but it's unclear how
    I can seed it in a way that is shareable (i.e., if I were to share the seed
    with someone else, they should be able to use it to generate the same
    sequence of random numbers). I guess my question really is: is there anyone
    out there who's implemented a CSPRNG? if not, I guess I'll just update the
    old fortuna code and see if I can get it to work.
    Just came across this by chance (and I know you asked the question a long
    time ago). There is now an implementation of Fortuna for Go available at
    https://github.com/seehuhn/fortuna .

    I hope this helps,
    Jochen
    --
    You received this message because you are subscribed to the Google Groups "golang-nuts" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupgolang-nuts @
categoriesgo
postedSep 1, '12 at 2:34a
activeApr 7, '14 at 12:06a
posts6
users5
websitegolang.org

People

Translate

site design / logo © 2021 Grokbase