Posted by dwfranken on 26-Nov-2013 04:34

We're looking for a way to generate good random SessionID's for users of our application.

Originally we were using MESSAGE-DIGEST("SHA-512", GENERATE-UIID), but as we found out, UUIDs are too deterministic, hence they are NOT a good source for a (pseudo)random byte sequence. Hashing them doesn't make this problem go away, it just hides it.

So now I'm looking at GENERATE-RANDOM-KEY, but the doc says: Generates a pseudorandom (rather than a truly random) series of bytes to use as an encryption key, and returns the key as a RAW value.

Is this something I need to be worried about? Is there any way we can use something like /dev/urandom on Linux? Does GENERATE-RANDOM-KEY use the same seed for every session?

What's the best way of generating truly cryptographically strong session ID's?

All Replies

Posted by ymaisonn on 27-Nov-2013 05:57

On Unix, you may use the audio source (ie Line in or Mic) as a source for entropy. Some projects such as audio_entropyd can feed the /dev/random device with random data captured from the audio device. (Source: )

Posted by dwfranken on 27-Nov-2013 06:14

Well, that doesn't really answer my question. My question is: Where does the entropy for GENERATE-RANDOM-KEY come from? What sort of RNG does it use under the hood? I can't find this anywhere.

Posted by Michael Jacobs on 29-Nov-2013 05:49

The GENERATE-RANDOM-KEY function uses the OpenSSL cryptographic library's default PRNG algorithm based on MD5.   The algorithm is seeded with:  Unix - 128 bits from /dev/urandom ; Windows - 80 bytes derived from the current date/time/tz.

This thread is closed