Bytes::Random::Secure -- A no-fuss CSPRNG.

There are a lot of contributions on CPAN that fill one niche or another with respect to pseudo-randomness generation. What is hard to find is a solution that provides cryptographically secure pseudo random number generation, reliable and strong seeding, a light-weight dependency chain, and cross platform compatibility through a wide range of operating systems and Perl versions.

Bytes::Random::Secure is one of those modules that gets written to fill a personal need, and then begins to take on a broader life of its own. As is often the case, the contributions of others in the community have served to improve the module beyond its original specifications. Dana Jacobsen provided a lot of suggestions, and even went so far as to create a new seeding module (Crypt::Random::Seed) which helped Bytes::Random::Secure to reduce its dependency footprint greatly.

Bytes::Random::Secure starts with a simple user interface based on Bytes::Random, and adds a more suitable randomness source, and some additional utilities. Its RNG comes from Math::Random::ISAAC, and its seeding comes from Crypt::Random::Seed. Its most useful functions are probably random_bytes(), random_string_from(), and irand(). By using its OO interface the user gets finer control over seeding characteristics, though an attempt has been made to choose safe and sane defaults that should be reliable out of the box with no configuration.

The specs: An ISAAC CSPRNG, strong seeding, only three non-Core dependencies, compatibility with Perl 5.6 and newer, and support for all common platforms. ...and for a CSPRNG, it's pretty quick, especially if the optional Math::Random::ISAAC::XS dependency is installed.

Leave a comment

About David Oswald

user-pic daoswald [a@t] gmail [d0_t] com