Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/paragonie/seedspring
Seeded, Deterministic PRNG (based on AES-CTR instead of LCG)
https://github.com/paragonie/seedspring
Last synced: about 2 months ago
JSON representation
Seeded, Deterministic PRNG (based on AES-CTR instead of LCG)
- Host: GitHub
- URL: https://github.com/paragonie/seedspring
- Owner: paragonie
- License: mit
- Created: 2015-12-22T18:47:16.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-05-08T16:50:03.000Z (4 months ago)
- Last Synced: 2024-07-27T08:22:33.204Z (about 2 months ago)
- Language: PHP
- Size: 28.3 KB
- Stars: 39
- Watchers: 7
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# seedspring
[![Build Status](https://github.com/paragonie/seedspring/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/seedspring/actions)
Seeded, Deterministic PRNG (based on AES-CTR instead of LCG) (**Requires PHP 7 or [random_compat](https://github.com/paragonie/random_compat)**)
## Security Warning
This is not meant to replace `random_bytes()`. Think of this as an improvement
to `srand()` + `rand()`. **Do not use this for security purposes.**## Installing
```sh
composer require paragonie/seedspring
```### Usage
```php
use \ParagonIE\SeedSpring\SeedSpring;// For example
$sharedSeed = str_repeat("\x80", 16);$rng = new SeedSpring($sharedSeed);
$data = $rng->getBytes(1024);
$int = $rng->getInt(1, 100);
```### Motivation
A cryptographically secure pseudorandom number generator, such as `random_int()`,
is wonderful for security purposes. However, there are situations where you need
to generate a deterministic, pseudorandom byte stream on two devices from a
shared seed. (e.g. something like Minecraft's world generator).PHP's native seedable (and insecure) RNGs, `rand()` and `mt_rand()`, only
support a 32-bit integer seed, which severely limits the possible outputs. Our
deterministic RNG supports up to 2^128 possible outputs, since it's based on a
128-bit block cipher.Our implementation uses AES-128-CTR to turn a finite, 128-bit key into an
practically endless stream of random bytes.It will repeat after 2^132 bytes of output. You should consider rekeying after
2^66 bytes.For anything security-sensitive, you should rekey after 2^39 bytes. This is
because the probability of predicting successive blocks becomes unacceptably
high for security operations.