fast property

SecureRandom fast
final

A Random that is over 100 times faster than Random.secure.

The throughput is up to about 0.25 GB of random data per second.

Current algorithm

The default behavior is:

  • 12 rounds of ChaCha20. No key extraction attack has been proposed against ChaCha with more than 6 rounds so the choice has a good margin of safety.
  • 256-bit secret key is mixed (XOR) with numbers from Random.secure at least once every 8192 blocks. This is also done if more than 10 milliseconds has passed since the last reseed event.
  • After a block has been computed, the block counter is incremented.
  • After a block has been computed, the last 128 bits of the secret key is immediately mixed (XOR) with the first 128 bits of the state. The first 128-bits of the state are then zeroed and skipped. This provides backtracking resistance.
  • State bits are erased after they have been read so a memory dump won't reveal them.

Example

import 'package:cryptography/random.dart';

void main() {
  final random = SecureRandom.instance;
  final x = random.nextInt(100);
  print('x = $x');
}

Implementation

static final SecureRandom fast = _ChachaRandom(
  rounds: 12,
  maxBlocksBeforeReseed: 8192,
  maxDurationBeforeReseed: const Duration(milliseconds: 10),
);