Alternative Cryptographic Secure Pseudo Random Number Generator for C# [closed]

After all this NSA stuff I was just wondering if anybody knows alternatives to the System.Security.Cryptography.RNGCryptoServiceProvider() from .NET - maybe an Open Source solution?

I tried to search for it, but wasn't really successful, so I hope anybody from the community has an idea?

Thanks

Indistinctive answered 12/9, 2013 at 17:45 Comment(7)
Why do you need an alternate when you have one in hand? - Underquote
He just said "after all this NSA stuff". That stands for National Security Agency or in other words a bunch of people who might be able somehow to turn encrypted text into clear text - Impart
@SriramSakthivel for one because I'm paranoid (see fiercegovernmentit.com/story/… and technewsdaily.com/18525-microsoft-nsa-encryption.html) and second because I was just wondering :-) - Indistinctive
Don't know about BouncyCastle for sure, but our SecureBlackbox includes a cryptographically strong PRNG. Note that any PRNG depends on a good source of random seed data. - Burgonet
I've also looked at Mono, but Mono seems to rely directly on the random number generators of the operating system - Shemikashemite
Writing a PRNG algo is easy. The main difficulty is seeding it and figuring out when it's sufficiently seeded to emit the first outputs. - Jonajonah
You could use OpenSSL with p/invoke. - Jonajonah

There are two random number generators in Bouncy Castle - C# version that may be of use: DigestRandomGenerator and VmpcRandomGenerator, both in the crypto.prng namespace. The trick is to seed those with random entropy from a source you can trust.

Note that I am unfamiliar with the VMPC algorithm. The DigestRandomGenerator largely depends on the security of the underlying hash function (SHA-512 is pretty secure and fast on 64-bit hardware). It is a rather simple implementation, but it should be secure nonetheless.

Shemikashemite answered 12/9, 2013 at 21:16 Comment(6)
The interesting question is how those get seeded. - Jonajonah
@Jonajonah As always, yes, but the question was rather specifically for a CSPRNG. - Shemikashemite
I doubt that the OP actually made a distinction between the deterministic part and the part that gathers entropy. What matters is getting secure random numbers even when you mistrust CryptGenRandom. - Jonajonah
@Jonajonah Well, if you don't trust Microsoft on a Microsoft system, the options are slim to non-existent. You could post that as an answer, but that would be kicking in doors already open. - Shemikashemite
Are those NIST SP 800-90A revision 1 compliant? - Burrus
@SusarlaNikhilesh No, it looks similar but not the same as HashDRBG. - Shemikashemite
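
The seeding point raised in the answer and comments above, as an added example that is not part of the original thread: Bouncy Castle's DigestRandomGenerator is deterministic, so its output is only as unpredictable as the seed material it is given. `SecondSource` is a hypothetical stand-in for whatever second entropy source you trust, and the fixed seed is constructed for the demonstration.

```csharp
// Added example; needs the BouncyCastle NuGet package.
using System;
using System.Diagnostics;
using System.Linq;
using System.Security.Cryptography;
using System.Threading;
using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Prng;

static class DigestRngDemo
{
    // SHA-512 based generator fed with every seed block, in order.
    static DigestRandomGenerator Seeded(params byte[][] seeds)
    {
        var rng = new DigestRandomGenerator(new Sha512Digest());
        foreach (var seed in seeds) rng.AddSeedMaterial(seed);
        return rng;
    }

    static byte[] Take(DigestRandomGenerator rng, int count)
    {
        var output = new byte[count];
        rng.NextBytes(output);
        return output;
    }

    // Hypothetical stand-in for a second source you trust (hardware RNG, another host).
    // Timer jitter is used only so the demo runs; it is not a vetted entropy source.
    static byte[] SecondSource(int count)
    {
        var buf = new byte[count];
        for (int i = 0; i < count; i++) { Thread.SpinWait(100); buf[i] = unchecked((byte)Stopwatch.GetTimestamp()); }
        return buf;
    }

    static void Main()
    {
        // Constructed fixed seed: the generator is deterministic, so both streams match.
        byte[] fixedSeed = { 1, 2, 3, 4 };
        bool same = Take(Seeded(fixedSeed), 32).SequenceEqual(Take(Seeded(fixedSeed), 32));
        Console.WriteLine($"Same seed gives same output: {same}");

        // Seed from the OS generator plus a second source, so the state depends on both.
        var osSeed = new byte[64];
        using (var os = RandomNumberGenerator.Create()) os.GetBytes(osSeed);
        var mixed = Seeded(osSeed, SecondSource(64));
        Console.WriteLine(BitConverter.ToString(Take(mixed, 32)));
    }
}
```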

Using new .NET 6 APIs, generating random numbers from a CSPRNG (Cryptographically Secure Pseudorandom Number Generator) is easier than ever:

using System.Security.Cryptography;

// Give me 200 random bytes
var bytes = RandomNumberGenerator.GetBytes(200);
Mintun answered 24/8, 2021 at 4:16 Comment(1)
I believe the original question was related to en.wikipedia.org/wiki/Dual_EC_DRBG. Just because .net provides a random number api, does not give you confidence that it is truly random. - Barrault