Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Not a crypto library" warning is confusing #57

Open
dcmiddle opened this issue Dec 1, 2023 · 5 comments
Open

"Not a crypto library" warning is confusing #57

dcmiddle opened this issue Dec 1, 2023 · 5 comments

Comments

@dcmiddle
Copy link

dcmiddle commented Dec 1, 2023

I've seen a few projects use rand in security sensitive code.
A reviewer may eventually point them to this warning in the book:
https://github.com/rust-random/book/blame/master/src/guide-rngs.md#L263-L271
Inferring that rand does not provide cryptographically secure prngs and they should use a different random library.

That warning was added ~5 years ago.
However in what looks like the same commit there's a section on Cryptographically secure pseudo-random number generators (CSPRNGs).
https://github.com/rust-random/book/blame/master/src/guide-rngs.md#L62

Is this warning out of date?

If it is not out of date, should it be interpreted to mean:
While this library has CSPRNGs that are in fact cryptographically secure, this is not a general purpose cryptographic library providing other algorithms like encryption and authentication? (And if you want encryption and authentication you should go to the referenced libraries instead of building your own using rand.)

If it is neither out of date nor a warning against rolling your own crypto, then it seems like the rand library documentation should be updated to remove CSPRNG references. https://docs.rs/rand/0.8.5/src/rand/rngs/mod.rs.html#53-62

Example issue:
confidential-containers/confidential-containers#44 (comment)

@dhardy
Copy link
Member

dhardy commented Dec 2, 2023

Cross-posting to the main repo.

This post can stay open: the book probably needs updating eventually.

@vks
Copy link
Contributor

vks commented Dec 2, 2023

While this library has CSPRNGs that are in fact cryptographically secure, this is not a general purpose cryptographic library providing other algorithms like encryption and authentication? (And if you want encryption and authentication you should go to the referenced libraries instead of building your own using rand.)

I think this is accurate, but we cannot guarantee that our implementations are cryptographically secure. It's more of a best-effort thing, we don't spend the resources in verifying our implementations that a crypto library might.

If you look at crypto libraries, they use getrandom directly to generate keys, and you might want to do something similar if cryptographic security is important.

@Christiaan676
Copy link

Was reading the book as I need a secure RNG and this statement confused me. Also the links suggest that the other projects provide a secure RNG. But RustCrypto has no RNG, and Ring only provides an abstraction over the OS RNG.

@vks
Copy link
Contributor

vks commented Feb 6, 2024

Ring only provides an abstraction over the OS RNG.

This is AFAIK best practice for cryptographic use cases: Don't use a user-space CSPRNG, use the OS directly (i.e. getrandom).

@dhardy
Copy link
Member

dhardy commented Apr 29, 2024

This section of the book was updated (#61) to clarify what the the crate does and doesn't attempt to provide. Nothing fundamental changes. Any comments?

Note that the book is for documentation; for changes to rand itself see my cross post to the main repo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants