1

If I have a JavaScript CSPRNG such as isaac.random(), and I seed it using a truly random number T as such: isaac.seed(T), does this make the result of the CSPRNG more, less, or equally random?
I would imagine that with a CSPRNG such as isaac (which has passed TestU01) the result would not add any randomness, since isaac produces numbers indistinguishable from truly random values.
The concern I have is if this would cause less "randomness".

Marcel
  • 3,494
  • 1
  • 18
  • 35
  • More, less, or equally random than what? – Ángel Aug 28 '19 at 03:03
  • Than the truly random value T – Display Name Aug 28 '19 at 03:04
  • 1
    A PRNG (and this includes CSPRNG) is a predictable algorithm. This means the value it produces from a seed can never be less predictable (i.e. more random) than the seed itself. And each value you draw (without any new seeding in between) will be less and less "true" random, since otherwise the CSPRNG would have to generate randomness out of thin air - but it is, as I said, predictable. And TestU01 only cares about uniformness, which is a different thing than randomness. – Steffen Ullrich Aug 28 '19 at 04:31
  • @SteffenUllrich This should be posted as answer. – Marcel Aug 28 '19 at 04:58
  • After thinking about these last few questions asked... @DisplayName, are you trying to make something more secure (harder for an attacker to guess), or are you trying to implement an algorithm that improves random access speed? – Ghedipunk Aug 28 '19 at 15:37
  • Sorry for the late reply, but yeah I'm making something that's harder to guess – Display Name Aug 29 '19 at 03:26

2 Answers

2

Since without user-seeding, the JavaScript isaac implementation uses Math.random() as a seed, you would be better off using your own seed. You cannot derive security from an insecure input. If you replaced that call with a CSPRNG input like crypto.getRandomValues(), you would have a better output. But why not just use the built-in CSPRNG if you are using it anyway to seed a less-reviewed algo? Don't roll your own crypto.

dandavis
  • 2,658
  • 10
  • 16
1

A truly random seed is essential for any Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) to provide values that are useful in a security context.

If a CSPRNG is not seeded, it does not provide any actual security at all.

Modern operating systems store bytes from various interactions that are generally considered to be actually random, such as /dev/urandom on POSIX systems (Linux, Unix, etc.). Many systems will use these OS-provided sources of entropy to seed their CSPRNGs. However, before using a CSPRNG library yourself, read the documentation first to see if it seeds itself from the OS's source of entropy or not.

Ghedipunk
  • 5,766
  • 2
  • 23
  • 34