cryptographically secure pseudo-random number generator class with an mt_rand alike method interface

0.2.2-beta 2015-10-12 16:29 UTC


#####mt_rand for the moderately paranoid citizen

Copyright (C) 2014 Gael Abadin
License: MIT Expat / beerware
Code Climate


Ever wanted a crypto safe mt_rand()? Not useful for many things I guess (maybe not useful at all), but I recently wanted to build a class able to pick random words from a dictionary in a safe way, so they could be used as passwords (Correct, horse. That's a battery staple). I probably overdid it... The result is my attempt on a "cryptographically secure" PRNG implementation with an mt_rand alike interface, including a wrapper for selecting and using the best random bytes generator from available extensions and /dev/urandom (about 100 times slower than mt_rand on a single core, by the way, so clearly there is plenty of room for improvement if you want to fork it ;-))

How to use

In a similar way as mt_rand(), random integers are chosen from a given range following a uniform distribution:

require_once 'CryptoSecurePRNG.php';
$secGen =  new synapp\info\tools\passwordgenerator\cryptosecureprng\CryptoSecurePRNG();
$randInt = $secGen->rand(); //between 0 and mt_getrandmax()
$randInt = $secGen->rand(1,100); //between 1 and 100
$randInt = $secGen->rand(-50,50); //between -50 and 50

You can also get a string of random bytes:

require_once 'CryptoSecurePRNG.php';
$secGen =  new synapp\info\tools\passwordgenerator\cryptosecureprng\CryptoSecurePRNG();
$stringLength = 20; // number of random chars to be generated
$stringOfRandomChars = $secGen->getRandomBytesString($stringLength); // generate a string of $stringLength random ascii chars (non printable too)

And here is the code to visualize the output using matlab:

// PHP code, uses cryptosecureprng rand() to generate the samples
require_once 'CryptoSecurePRNG.php';
$prng = new synapp\info\tools\passwordgenerator\cryptosecureprng\CryptoSecurePRNG();
for ($i=0;$i<1280;$i++) for ($j=0;$j<720;$j++) { 
  $out .= $prng->rand(0,255).','.$prng->rand(0,255).','.$prng->rand(0,255).',';   
$fh = fopen('testout.txt','w');
fwrite ($fh, $out);
% Matlab code, reads and displays the generated samples
C = reshape (x,720,1280,3);
C = uint8(C);

The rgb output looks like this (Uncompressed source):

1280x720 0-255 rgb output

And here is the 256-interval histogram:

256-interval, 1280x720x3 0-255 samples histogram

Check the code (or generate the docs using phpdocumentor) if you want more info on tweaks and available parameters.

If you like this class, feel free to buy me a beer ;-)

bitcoin: 15i9QKZqLuNdcyseHpjpZiPcty6FMazxk2

dogecoin: DCjimHzRu25smyjnEb7V9qFuVyf6P2JjBf

paypal: http://goo.gl/iQd1UL

Have fun.-