Recommendation¶

Use a cryptographically secure pseudo-random number generator if the output is to be used in a security sensitive context. As a rule of thumb, a value should be considered “security sensitive” if predicting it would allow the attacker to perform an action that they would otherwise be unable to perform. For example, if an attacker could predict the random password generated for a new user, they would be able to log in as that new user.

For Go,crypto/rand provides a cryptographically secure pseudo-random number generator.math/rand is not cryptographically secure, and should be avoided in security contexts. For contexts which are not security sensitive,math/rand may be preferable as it has a more convenient interface, and is likely to be faster.

Example¶

The example below uses themath/rand package instead ofcrypto/rand to generate a password:

packagemainimport("math/rand")varcharset=[]rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")funcgeneratePassword()string{s:=make([]rune,20)fori:=ranges{s[i]=charset[rand.Intn(len(charset))]}returnstring(s)}

Instead, usecrypto/rand:

packagemainimport("crypto/rand""math/big")funcgeneratePasswordGood()string{s:=make([]rune,20)fori:=ranges{idx,err:=rand.Int(rand.Reader,big.NewInt(int64(len(charset))))iferr!=nil{// handle err}s[i]=charset[idx.Int64()]}returnstring(s)}

References¶

• Wikipedia.Pseudo-random number generator.

• OWASP:Insecure Randomness.

• OWASP:Secure Random Number Generation.

• Common Weakness Enumeration:CWE-338.