mgd - 2 months ago
C++ Question

Are boost UUIDs generated using default mt19937 RNG secure for session IDs?

I need to generate UUIDs for use as non-predictable / guessable session IDs.

This can easily be accomplished using boost's UUID library:

#include <boost/uuid/uuid.hpp>
#include <boost/uuid/random_generator.hpp>

// One static generator, seeded once and reused for every call.
boost::uuids::uuid newUUID()
{
    static boost::uuids::random_generator gen;
    return gen();
}


The returned UUID can easily be converted to a string.

The above code is equivalent to:

#include <boost/uuid/uuid.hpp>
#include <boost/uuid/random_generator.hpp>
#include <boost/random/mersenne_twister.hpp>

// Same as above, with the default engine (mt19937) spelled out.
boost::uuids::uuid newUUID()
{
    static boost::uuids::basic_random_generator<boost::mt19937> gen;
    return gen();
}


So we are using the Mersenne Twister 19937 pseudo random number generator. It looks like boost takes the task of seeding it properly seriously.

However, I wonder if something important, security-wise, is gained by using a non-deterministic RNG like boost::random_device instead, and also how it will impact the speed of UUID generation.

#include <boost/uuid/uuid.hpp>
#include <boost/uuid/random_generator.hpp>
#include <boost/random/random_device.hpp>

// Non-deterministic variant: every UUID is drawn from boost::random_device.
boost::uuids::uuid newUUID()
{
    static boost::uuids::basic_random_generator<boost::random_device> gen;
    return gen();
}


Advice from people with security insight is appreciated.

Answer

MT is not a cryptographically secure RNG.

boost::random_device is guaranteed (by docs) to only exist if cryptographically secure and non-deterministic. Note that this is not true of std::random_device.

For any serious application, you cannot trust a mere documented guarantee. But for a small scale unimportant one it should do.

Writing your own cryptographically secure code or system is usually a bad idea. Describe how bad it is if someone defeats your system, as that really matters to how much effort you need to put into it.

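Since the answer singles out the engine behind the generator as the part that decides whether a session ID is guessable, here is an added example (not Boost's code and not the asker's) that does by hand what boost::uuids::random_generator does to its 16 random bytes, setting the RFC 4122 version-4 and variant bits, but takes those bytes straight from the kernel CSPRNG via /dev/urandom instead of from a seeded deterministic engine such as mt19937. The /dev/urandom path and all function names are assumptions for a POSIX system.

```cpp
#include <array>
#include <cstdint>
#include <fstream>
#include <stdexcept>
#include <string>

using Bytes16 = std::array<std::uint8_t, 16>;

// Turn 16 random bytes into the textual form of an RFC 4122 version-4 UUID,
// applying the same version/variant bit fixing that Boost's random generator
// applies. Kept separate so the formatting can be checked on fixed input.
std::string uuid_v4_from_bytes(Bytes16 b)
{
    b[6] = static_cast<std::uint8_t>((b[6] & 0x0F) | 0x40); // version nibble = 4
    b[8] = static_cast<std::uint8_t>((b[8] & 0x3F) | 0x80); // variant bits = 10xx
    static const char* hex = "0123456789abcdef";
    std::string out;
    out.reserve(36);
    for (std::size_t i = 0; i < b.size(); ++i) {
        if (i == 4 || i == 6 || i == 8 || i == 10) out += '-';
        out += hex[b[i] >> 4];
        out += hex[b[i] & 0x0F];
    }
    return out;
}

// Read 16 bytes from the OS CSPRNG (assumed path: /dev/urandom). Fails closed:
// a failed or short read throws rather than returning a half-filled buffer.
Bytes16 os_random_bytes()
{
    Bytes16 b{};
    std::ifstream dev("/dev/urandom", std::ios::binary);
    if (!dev.read(reinterpret_cast<char*>(b.data()), b.size()) ||
        dev.gcount() != static_cast<std::streamsize>(b.size())) {
        throw std::runtime_error("could not read 16 bytes from /dev/urandom");
    }
    return b;
}

// Session ID: a version-4 UUID whose 122 random bits come from the kernel
// CSPRNG, so there is no seed whose leak or low entropy reproduces the IDs.
std::string new_session_id()
{
    return uuid_v4_from_bytes(os_random_bytes());
}
```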