Skip to content
/ hash-drbg Public

Cryptographically secure pseudorandom number generator for C, C++ and Python with global-state (thread-unsafe) and thread-safe variants, implementing NIST SP 800-90A. Provided as an installable package.

License

Notifications You must be signed in to change notification settings

tfpf/hash-drbg

Repository files navigation

  • Elaine Barker and John Kelsey (2015) "Recommendation for Random Number Generation Using Deterministic Random Bit Generators". NIST SP 800-90A Rev. 1, doi:10.6028/NIST.SP.800-90Ar1.
  • Elaine Barker (2020) "Recommendation for Key Management: Part 1 – General". NIST SP 800-57 Part 1 Rev. 5, doi:10.6028/NIST.SP.800-57pt1r5.
  • National Institute of Standards and Technology (2015) "Secure Hash Standard". FIPS PUB 180-4, doi:10.6028/NIST.FIPS.180-4.

Hash Deterministic Random Bit Generator (HDRBG): Cryptographically Secure Pseudorandom Number Generator

This package provides a cryptographically secure pseudorandom number generator for C, C++ and Python. It is mostly compliant with the specification given in NIST SP 800-90A.

See doc for the documentation of this package. examples contains usage examples. For performance analysis, go to benchmarks.

Installation Requirements

These are the versions I have tested the installation with. Older versions may also work. You may not need all of these, depending on how and what you are installing

  • CMake ≥ 3.22
  • CPython ≥ 3.8 and its C headers and library
  • cURL ≥ 7.68.0
  • GCC ≥ 9.4.0 or Clang ≥ 12.0.0
  • Git ≥ 2.30.2
  • GNU Make ≥ 4.2.1
  • pip ≥ 23.0
  • pkg-config ≥ 0.29.2 or pkgconf ≥ 1.8.0

On Windows, these are available natively via MSYS2 (not recommended) and Cygwin, and in a Linux environment via WSL. On macOS, they can be installed using Homebrew; however, their Apple-specific variants provided by Xcode should also be fine.

Troubleshooting Information

Installing directly on Windows is a massive headache. MSVC adds some unnecessary flags which are incompatible with optimisation flags, so the program does not compile. Its concurrency library doesn't properly implement atomic data types, and isn't standard-compliant. Further, Windows does not provide a random device. That is why I suggest MSYS2 and Cygwin. If installation fails for you, check the workflows to see how I got it working.

cygwin unix

Install for C (and C++)

curl https://raw.githubusercontent.com/tfpf/hash-drbg/main/run.sh | sh

or

git clone https://github.com/tfpf/hash-drbg.git
cd hash-drbg
./run.sh

Next, set LD_LIBRARY_PATH and PKG_CONFIG_PATH.

export LD_LIBRARY_PATH=/usr/local/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
export PKG_CONFIG_PATH=/usr/local/share/pkgconfig${PKG_CONFIG_PATH:+:$PKG_CONFIG_PATH}

Quick Start

Put the following code in a file example.c:

#include <hdrbg.h>
#include <stdio.h>

int
main(void)
{
    hdrbg_init(0);
    for (int i = 0; i < 10; ++i)
    {
        long long unsigned r = hdrbg_rand(NULL);
        printf("%llu\n", r);
    }
}

compile it with

gcc example.c -o example $(pkg-config --cflags --libs hdrbg)

and run it using

./example

to see some random numbers.

Install for Python

pip install git+https://github.com/tfpf/hash-drbg.git

or

git clone https://github.com/tfpf/hash-drbg.git
cd hash-drbg
pip install .

About

Cryptographically secure pseudorandom number generator for C, C++ and Python with global-state (thread-unsafe) and thread-safe variants, implementing NIST SP 800-90A. Provided as an installable package.

Topics

Resources

License

Security policy

Stars

Watchers

Forks