Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number
From: Rawiri Blundell
Subject: Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator
Date: Mon, 21 Jan 2019 15:04:50 +1300

On Mon, Jan 21, 2019 at 10:54 AM Chet Ramey <chet.ramey@case.edu> wrote:
>
> On 1/20/19 7:52 AM, Rawiri Blundell wrote:
>
> > So it might be a case of restricting the usability of this change to
> > newer kernels that have dedicated calls like getrandom() or
> > getentropy(), and having to handle detecting/selecting those?
> >
> > So if this is an exercise that you're happy to entertain, and without
> > wanting to feature-creep too much, why not something like this?
>
> I'd probably start with URANDOM as a 32-bit random integer read as
> four bytes from /dev/urandom. It's trivial to create a filename from
> that with whatever restrictions (and whatever characters) you want.
>
For what it's worth I did consider suggesting URANDOM, however I
figured some users may confuse it like this:

RANDOM -> /dev/random
URANDOM -> /dev/urandom

Couple that with an established base of myths about /dev/urandom, I
thought it might be best to suggest something else to eliminate that
potential confusion.

(SRANDOM was another one I considered, has a bit of awk familiarity to it...)

> > As an aside, I can confirm the findings of a performance difference
> > between 4.4 and 5.0 when running the script provided earlier in the
> > discussion. At first glance it seems to be due to the switch from the
> > old LCG to the current MINSTD RNG,
>
> There's no switch: the bash-4.4 generator and bash-5.0 generators are
> identical. I'll have to do some profiling when I get a chance.
>
I suspect that we're talking at cross purposes, but it's now neither
here nor there.

You've expressed that RANDOM's period and seeding are issues for you.
I think the ChaCha20 patch is a bit overkill for RANDOM's
requirements, but would you be interested in some investigation into
middle-ground alternatives like PCG or JSF32?

Rawiri
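
Added example, not part of the original message or of bash: a shell sketch of the suggestion quoted above, reading four bytes from /dev/urandom as one 32-bit integer and deriving a filename from a restricted character set. The function names `urandom32` and `random_name` are hypothetical, and the rejection step that avoids modulo bias goes beyond what the thread spells out.

```sh
#!/bin/sh
# Added illustration. urandom32 and random_name are hypothetical helper
# names, not bash variables or builtins.
# Assumption: the shell's arithmetic is at least 64-bit (true for bash).

# Print one unsigned 32-bit integer built from four bytes of /dev/urandom.
urandom32() {
    # -An: no offset column, -N4: read exactly 4 bytes, -tu4: one unsigned 4-byte int
    od -An -N4 -tu4 /dev/urandom | tr -dc '0-9'
}

# random_name LEN [ALPHABET]: print LEN characters drawn uniformly from
# ALPHABET (default: lowercase letters and digits). The body runs in a
# subshell so its variables do not leak into the caller.
random_name() (
    len=${1:-8}
    alphabet=${2:-abcdefghijklmnopqrstuvwxyz0123456789}
    n=${#alphabet}
    [ "$n" -gt 0 ] || exit 1
    # Largest multiple of n that is <= 2^32. Draws at or above it are thrown
    # away, so "r % n" gives every character the same probability.
    limit=$(( 4294967296 - 4294967296 % n ))
    name=
    while [ "${#name}" -lt "$len" ]; do
        r=$(urandom32)
        [ -n "$r" ] || exit 1                     # /dev/urandom unreadable
        [ "$(( r < limit ))" -eq 1 ] || continue  # rejected draw, try again
        name=$name$(printf '%s' "$alphabet" | cut -c "$(( r % n + 1 ))")
    done
    printf '%s\n' "$name"
)

# Demo: one 12-character name from the default alphabet.
random_name 12
```
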