FAQ
What generator is used in package "math/rand"[1]? Because if it's the
Mersenne Twister then it's leaking information[2]

[1]: http://golang.org/pkg/math/rand/
[2]:
https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php

--


  • Bryanturley at Dec 5, 2012 at 7:03 pm

    On Wednesday, December 5, 2012 1:00:28 PM UTC-6, Archos wrote:
    What generator is used in package "math/rand"[1]? Because if it's the
    Mersenne Twister then it's leaking information[2]

    [1]: http://golang.org/pkg/math/rand/
    [2]:
    https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php
    http://golang.org/pkg/crypto/rand/ != http://golang.org/pkg/math/rand

    Both rand and hash have cryptographic (possibly slow) and non-cryptographic
    (hopefully fast) implementations in most languages' libraries.
    Do we really care if it is leaking information if all we really want is
    some random numbers fast?

    --
  • Archos at Dec 5, 2012 at 7:11 pm
    On Wednesday, December 5, 2012 19:03:38 UTC, bryanturley wrote:
    On Wednesday, December 5, 2012 1:00:28 PM UTC-6, Archos wrote:

    What generator is used in package "math/rand"[1]? Because if it's the
    Mersenne Twister then it's leaking information[2]

    [1]: http://golang.org/pkg/math/rand/
    [2]:
    https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php
    http://golang.org/pkg/crypto/rand/ != http://golang.org/pkg/math/rand

    Both rand and hash have cryptographic (possibly slow) and non-cryptographic
    (hopefully fast) implementations in most languages' libraries.
    Do we really care if it is leaking information if all we really want is
    some random numbers fast?
    Are you speaking on behalf of everybody, assuming that we all prefer
    a fast random generator rather than a secure implementation?

    --
  • Aram Hăvărneanu at Dec 5, 2012 at 7:16 pm
    The generator used in math/rand doesn't matter. Only the one in
    crypto/rand does.

    --
    Aram Hăvărneanu

    --
  • Bryanturley at Dec 5, 2012 at 7:17 pm

    On Wednesday, December 5, 2012 1:11:47 PM UTC-6, Archos wrote:

    On Wednesday, December 5, 2012 19:03:38 UTC, bryanturley wrote:
    On Wednesday, December 5, 2012 1:00:28 PM UTC-6, Archos wrote:

    What generator is used in package "math/rand"[1]? Because if it's the
    Mersenne Twister then it's leaking information[2]

    [1]: http://golang.org/pkg/math/rand/
    [2]:
    https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php
    http://golang.org/pkg/crypto/rand/ != http://golang.org/pkg/math/rand

    Both rand and hash have cryptographic (possibly slow) and non-cryptographic
    (hopefully fast) implementations in most languages' libraries.
    Do we really care if it is leaking information if all we really want is
    some random numbers fast?
    Are you speaking on behalf of everybody, assuming that we all prefer
    a fast random generator rather than a secure implementation?
    Read my post....

    http://golang.org/pkg/crypto/rand/ != http://golang.org/pkg/math/rand

    see that line?

    --
  • Archos at Dec 5, 2012 at 7:26 pm
    On Wednesday, December 5, 2012 19:17:15 UTC, bryanturley wrote:
    On Wednesday, December 5, 2012 1:11:47 PM UTC-6, Archos wrote:


    On Wednesday, December 5, 2012 19:03:38 UTC, bryanturley wrote:
    On Wednesday, December 5, 2012 1:00:28 PM UTC-6, Archos wrote:

    What generator is used in package "math/rand"[1]? Because if it's the
    Mersenne Twister then it's leaking information[2]

    [1]: http://golang.org/pkg/math/rand/
    [2]:
    https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php
    http://golang.org/pkg/crypto/rand/ != http://golang.org/pkg/math/rand

    Both rand and hash have cryptographic (possibly slow) and non-cryptographic
    (hopefully fast) implementations in most languages' libraries.
    Do we really care if it is leaking information if all we really want is
    some random numbers fast?
    Are you speaking on behalf of everybody, assuming that we all prefer
    a fast random generator rather than a secure implementation?
    Read my post....

    http://golang.org/pkg/crypto/rand/ != http://golang.org/pkg/math/rand

    see that line?
    I saw that line and also this one

    "Do we really care if it is leaking information if all we really want is
    some random numbers fast?"

    --
  • Andy Balholm at Dec 5, 2012 at 7:39 pm

    On Wednesday, December 5, 2012 11:26:48 AM UTC-8, Archos wrote:

    "Do we really care if it is leaking information if all we really want is
    some random numbers fast?"
    The only information it leaks is information about the state of the random
    number generator. In other words, if you watch its output long enough, you
    can predict its future output. If you're using it for something with
    security implications, this is very bad. But if you're using it to decide
    which of 500 different cat pictures to use in your blog background, it's no
    problem.

    All non-cryptographically-secure random number generators have an
    information-leakage problem, to one extent or another. That's why they're
    not considered cryptographically secure.

    --
  • Patrick Mylund Nielsen at Dec 5, 2012 at 7:17 pm
    This is completely normal. None of the crypto packages use math/rand. Don't
    use MT for cryptography.

    There are *tons* of scenarios where a non-cryptographically strong random
    number generator with good statistical properties (i.e. MT) is
    preferable--it's much, much, much faster--hence why it's the default for
    non-security packages.

    On Wed, Dec 5, 2012 at 8:00 PM, Archos wrote:

    What generator is used in package "math/rand"[1]? Because if it's the
    Mersenne Twister then it's leaking information[2]

    [1]: http://golang.org/pkg/math/rand/
    [2]:
    https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php

    --

    --
  • Archos at Dec 5, 2012 at 7:29 pm
    I know that crypto/rand uses "/dev/urandom", but I said it because if there
    is another algorithm that doesn't leak information, it could be preferable if
    it were fast enough.

    On Wednesday, December 5, 2012 19:17:39 UTC, Patrick Mylund Nielsen
    wrote:
    This is completely normal. None of the crypto packages use math/rand.
    Don't use MT for cryptography.

    There are *tons* of scenarios where a non-cryptographically strong random
    number generator with good statistical properties (i.e. MT) is
    preferable--it's much, much, much faster--hence why it's the default for
    non-security packages.


    On Wed, Dec 5, 2012 at 8:00 PM, Archos <raul...@sent.com> wrote:
    What generator is used in package "math/rand"[1]? Because if it's the
    Mersenne Twister then it's leaking information[2]

    [1]: http://golang.org/pkg/math/rand/
    [2]:
    https://spideroak.com/blog/20121205114003-exploit-information-leaks-in-random-numbers-from-python-ruby-and-php

    --

    --
  • Bryanturley at Dec 5, 2012 at 7:40 pm

    On Wednesday, December 5, 2012 1:29:44 PM UTC-6, Archos wrote:
    I know that crypto/rand uses "/dev/urandom", but I said it because if there
    is another algorithm that doesn't leak information, it could be preferable if
    it were fast enough.
    I think for math/rand the criteria should be solid randomness then speed.
    Anyone who cares about predictability should use crypto/rand.

    I know of a few programs that let you define the random seed in config
    files to keep the randomness predictable.
    You could think of these cases as them wanting the information to leak.


    --
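The two points made in the thread (Andy Balholm's: a math/rand stream is fully determined by its state, so once you know that state you know every future value; and bryanturley's: some programs deliberately put the seed in a config file so the stream is reproducible) can be seen side by side in a small program. This is an added example, not code from the thread or from the Go project; the function names `streamFromSeed`, `nextAfter`, `sameStream` and `secureToken`, and the seed value 20121205, are this example's own choices.

```go
package main

import (
	crand "crypto/rand"
	"encoding/hex"
	"fmt"
	mrand "math/rand"
)

// streamFromSeed draws n values from a math/rand generator built from seed.
// math/rand is a deterministic algorithm: the whole output sequence is a
// function of the seed, so anyone who knows the seed (or who reconstructs the
// internal state from enough observed output) can reproduce the sequence.
func streamFromSeed(seed int64, n int) []int64 {
	r := mrand.New(mrand.NewSource(seed))
	out := make([]int64, n)
	for i := range out {
		out[i] = r.Int63()
	}
	return out
}

// nextAfter returns the value a math/rand generator seeded with seed emits
// after `observed` values have already been drawn from it. This is the
// "predictable from state" property discussed in the thread: a fresh
// generator with the same seed, advanced the same number of steps, lands on
// exactly the same value.
func nextAfter(seed int64, observed int) int64 {
	r := mrand.New(mrand.NewSource(seed))
	for i := 0; i < observed; i++ {
		r.Int63()
	}
	return r.Int63()
}

// sameStream reports whether two seeds produce identical n-value streams.
// Equal seeds always match (the reproducible-simulation, config-file case);
// for the seeds used in this example, different seeds diverge.
func sameStream(seedA, seedB int64, n int) bool {
	a, b := streamFromSeed(seedA, n), streamFromSeed(seedB, n)
	for i := range a {
		if a[i] != b[i] {
			return false
		}
	}
	return true
}

// secureToken returns nBytes of crypto/rand output, hex encoded. crypto/rand
// has no seed to learn and no state an observer can rebuild from its output,
// which is why session tokens, keys and nonces must come from it rather than
// from math/rand.
func secureToken(nBytes int) (string, error) {
	buf := make([]byte, nBytes)
	if _, err := crand.Read(buf); err != nil {
		return "", err
	}
	return hex.EncodeToString(buf), nil
}

func main() {
	const seed int64 = 20121205 // constructed seed, standing in for one read from a config file
	fmt.Println("math/rand, seed", seed, ":", streamFromSeed(seed, 3))
	fmt.Println("value after 3 observed draws:", nextAfter(seed, 3),
		"== 4th value of the stream:", streamFromSeed(seed, 4)[3])
	fmt.Println("same seed, same stream:", sameStream(seed, seed, 16))
	fmt.Println("different seed, same stream:", sameStream(seed, seed+1, 16))
	for i := 0; i < 2; i++ {
		tok, err := secureToken(16)
		if err != nil {
			panic(err)
		}
		fmt.Println("crypto/rand token:", tok)
	}
}
```

Running it twice prints the same math/rand values both times and different crypto/rand tokens each time; that is the whole distinction the thread is arguing about. The example deliberately uses `mrand.New(mrand.NewSource(seed))` rather than the package-level functions, so its behaviour does not depend on how the global math/rand source happens to be seeded in a given Go version.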

Discussion Overview
group: golang-nuts
categories: go
posted: Dec 5, '12 at 7:00p
active: Dec 5, '12 at 7:40p
posts: 10
users: 5
website: golang.org
