Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/avodonosov/secure-random

secure-random provides a cryptographically secure pseudo-random number generator for Common Lisp.
https://github.com/avodonosov/secure-random

Last synced: about 5 hours ago
JSON representation

secure-random provides a cryptographically secure pseudo-random number generator for Common Lisp.

Host: GitHub
URL: https://github.com/avodonosov/secure-random
Owner: avodonosov
License: mit
Created: 2011-06-01T00:24:55.000Z (over 13 years ago)
Default Branch: master
Last Pushed: 2016-01-07T12:40:01.000Z (almost 9 years ago)
Last Synced: 2023-04-22T06:40:13.147Z (over 1 year ago)
Language: Common Lisp
Homepage:
Size: 5.86 KB
Stars: 17
Watchers: 5
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README
- License: LICENSE

Awesome Lists containing this project

README

        Overview.

~~~~~~~~~

secure-random provides a cryptographically secure pseudo-random 

number generator (CSPRNG) for Common Lisp.

Example: (SECURE-RANDOM:NUMBER 10) => 9

We define an abstract interface for CSPRNG and provide a default 

implementation of that interface.

The library API.

~~~~~~~~~~~~~~~~

Class SECURE-RANDOM:GENERATOR. 

      The base class for all the possible implementations 

      of a secure random number generator.

Special variable SECURE-RANDOM:*GENERATOR*.

      Current value of the random number generator. Used as 

      the default value for the library functions parameter GENERATOR.

Generic function BYTES (COUNT GENERATOR) => random bytes.

      The only generic function which needs to be implemented 

      by a subclass of SECURE-RANDOM:GENERATOR. Generates COUNT 

      cryptographically strong pseudo-random bytes using the random 

      number generator GENERATOR. Returns the bytes as a SIMPLE-ARRAY 

      with ELEMENT-TYPE '(UNSIGNED-BYTE 8). Signals an ERROR in case 

      of problems (for example when the random number generator 

      failed to initialize itself with enough entrophy).

Function NUMBER (LIMIT &optional (GENERATOR *GENERATOR*)) => random number.

      Returns a cryptographically strong pseudo-random number that 

      is a non-negative number less than LIMIT and of the same 

      type as LIMIT (in the current implementation, only INTEGER 

      type is supporeted). LIMIT is a positive number. GENERATOR is an 

      instance of a subclass of the SECURE-RANDOM:GENERATOR. Signals 

      an ERROR in case of problems (for example when the random 

      number generator failed to initialize itself with enough entrophy).

Implementation notes.

~~~~~~~~~~~~~~~~~~~~~

The default implementation uses OpenSSL random number generator (via cl+ssl

library). We started from the OpenSSL usage because it's the simplest way.

Implementation of a pure Common Lisp CSPRNG is desirable, but it would 

require to write much more code. The problem is not in the CSPRNG algorithms 

themself, which are relatively simple (just read for example the Wikipedia article, 

and use Ironclad for the required building blocks). But the problem is in 

initialization of CSPRNG. Any CSPRNG needs to be initialized by some unguessable 

value. OpenSSL can gather the initial value from a platform specific service 

(/dev/random on Unix'es where it present, Windows Crypto API, 

Entropy Gathering Daemon, etc.). The pure Lisp CSPRNG library would need to 

re-implement all this code for gathering a truly unguessable initial value.

Contact.

~~~~~~~~

Send questions or comments to [email protected]