dalek-cryptography / x25519-dalek

X25519 elliptic curve Diffie-Hellman key exchange in pure-Rust, using curve25519-dalek.
BSD 3-Clause "New" or "Revised" License

On the usage of OsRng #86

Open S3j5b0 opened 2 years ago

S3j5b0 commented 2 years ago

Hi, this is more of a question than an issue.

In the example that you give of creating keypairs, you use the rand_core `OsRng`:

```rust
use rand_core::OsRng;
use x25519_dalek::{EphemeralSecret, PublicKey};

fn main() {
    // Draw the ephemeral secret from the operating system's CSPRNG
    let alice_secret = EphemeralSecret::new(OsRng);
    // Derive the public key to send to the peer
    let alice_public = PublicKey::from(&alice_secret);
}
```

After reading up a bit on OsRng, I read that it was not a cryptographically secure source of randomness, and that I should use a source that specifically had a focus on that.

The most common option for a CSPRNG seems to be the StdRng in the rand crate, which I was advised to use.

Is it possible to use `use rand::{rngs::StdRng};` to create keypairs in your crate? Or is the use of OsRng completely unproblematic?

sgkoishi commented 2 years ago

The secret itself requires `RngCore + CryptoRng`, and StdRng already implements that, but a different version... The rest of the world uses rand_core 0.6 but this crate uses rand_core 0.5, so you'll get:

```text
the trait bound "XxxRng: rand_core::RngCore" is not satisfied
the trait "rand_core::RngCore" is not implemented for "XxxRng"
the trait bound "XxxRng: rand_core::CryptoRng" is not satisfied
the trait "rand_core::CryptoRng" is not implemented for "XxxRng"
```

There is a PR for a version bump, and then everything should be fine and you can use StdRng or OsRng from rand_core 0.6 or whatever (hopefully, but nobody has reviewed or merged the PR).
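The trait-bound mismatch described above, as an added stand-alone example (not code from the x25519-dalek project): two constructed modules stand in for the rand_core 0.5 and 0.6 traits, a generic key-generation function bounds on the 0.5 pair the way the crate did at the time of this issue, and a newtype adapter bridges a 0.6 generator to those bounds. The `FixedRng`, `Compat` and `ephemeral_secret_bytes` names are assumptions made for this example; `FixedRng` is deterministic and not a cryptographic generator, it exists only so the result is reproducible. The clamping step is what RFC 7748 requires for an X25519 scalar and is shown here to make the function do real work on the bytes it draws.

```rust
// Added example: why a type implementing one rand_core version's traits does not
// satisfy another version's bounds, and the newtype adapter that bridges them.
// Both modules below are constructed stand-ins, not the real rand_core crates.

/// Stand-in for the rand_core 0.5 traits that the crate bounded on at the time.
mod rand_core_05 {
    pub trait RngCore {
        fn fill_bytes(&mut self, dest: &mut [u8]);
    }
    /// Marker trait: the implementor promises cryptographic-quality output.
    pub trait CryptoRng {}
}

/// Stand-in for rand_core 0.6, the version the rand crate (and StdRng) uses.
mod rand_core_06 {
    pub trait RngCore {
        fn fill_bytes(&mut self, dest: &mut [u8]);
    }
    pub trait CryptoRng {}
}

/// Deterministic, NON-cryptographic generator standing in for a 0.6-era RNG such
/// as StdRng, so the result is reproducible. Never use this for real keys.
pub struct FixedRng(pub u8);

impl rand_core_06::RngCore for FixedRng {
    fn fill_bytes(&mut self, dest: &mut [u8]) {
        for b in dest.iter_mut() {
            *b = self.0;
            self.0 = self.0.wrapping_add(1);
        }
    }
}
// Marking it CryptoRng here is part of the constructed scenario only.
impl rand_core_06::CryptoRng for FixedRng {}

/// Draw 32 bytes from a generator that satisfies the 0.5 bounds and clamp them as
/// RFC 7748 requires for an X25519 scalar (low three bits cleared, top bit
/// cleared, second-highest bit set).
pub fn ephemeral_secret_bytes<R>(mut rng: R) -> [u8; 32]
where
    R: rand_core_05::RngCore + rand_core_05::CryptoRng,
{
    let mut k = [0u8; 32];
    rng.fill_bytes(&mut k);
    k[0] &= 248;
    k[31] &= 127;
    k[31] |= 64;
    k
}

/// Newtype adapter: wrap any 0.6 generator and implement the 0.5 traits for it.
/// Only generators that are CryptoRng in 0.6 become CryptoRng in 0.5.
pub struct Compat<R>(pub R);

impl<R: rand_core_06::RngCore> rand_core_05::RngCore for Compat<R> {
    fn fill_bytes(&mut self, dest: &mut [u8]) {
        self.0.fill_bytes(dest)
    }
}
impl<R: rand_core_06::CryptoRng> rand_core_05::CryptoRng for Compat<R> {}

fn main() {
    // `ephemeral_secret_bytes(FixedRng(0))` would not compile: FixedRng only
    // implements the 0.6 traits, which is exactly the "trait bound ... is not
    // satisfied" error quoted above. Wrapping it in Compat resolves the bounds.
    let k = ephemeral_secret_bytes(Compat(FixedRng(0)));
    println!("clamped scalar: {:02x?}", k);
}
```

The adapter only forwards `fill_bytes`; because the `CryptoRng` marker on `Compat` is conditional on the inner type carrying the 0.6 marker, a plain non-cryptographic generator still cannot be passed to the key-generation function, which is the property the bound exists to enforce.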

kohsine commented 2 years ago

Can I use something other than OsRng? I've been trying to substitute other cores but I'm getting trait not satisfied errors.