c random cryptography

How to use ISAAC in C


I downloaded isaac64 from here and I have some problems with its usage. I had to comment out a part of the code in isaac64.c because it contained a main function. But I can't use it... I can't properly initialize it and get a random number, can you help me? I couldn't find any example.

randinit(TRUE); 
for(i=0;i<10;i++) {
    printf("%lx\n",rand());
}

Each time I run this code I get the same values. I don't know how to set the seed.


Solution

  • This version of ISAAC is a "reference implementation" meaning it's intended to be referred to but isn't particularly user friendly or ready for production. There are any number of cryptographically secure random number generators in C that are easier to use. In particular, simply reading bytes from /dev/random is good enough on most operating systems.


    The main function demonstrates how to use the library. It's already commented out with #ifdefs. I've found using the Perl wrapper around ISAAC as a guide also helps.

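    /* randctx, ub4, randinit() and the rand() macro come from the ISAAC
       reference code (rand.h, which pulls in standard.h) */
    #include <stdio.h>
    #include "rand.h"

    int main()
    {
        /* Zero the generator's internal accumulators */
        randctx ctx;
        ctx.randa = ctx.randb = ctx.randc = (ub4)0;
    
        /* Initialize the seed (a fixed seed: every run prints the same numbers) */
        for (ub4 i=0; i<256; ++i) {
            ctx.randrsl[i] = i;
        }
    
        /* Initialize the random numbers from the seed */
        randinit(&ctx, TRUE);
    
        /* Print 10 pseudo random numbers */
        for(int i=0; i<10; i++) {
            printf("%.8lx\n", rand(&ctx));
        }

        return 0;
    }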
    

    You must supply the seed, or "entropy". If you supply the same seed you will get the same result. This is why ISAAC is a pseudo-random number generator: it can only make more random-seeming numbers out of existing randomness. There is a discussion of where to get your seed from in Math::Random::ISAAC.

    If these are new concepts to you, and if this is for production code, I would strongly recommend you simply read from /dev/random. This ISAAC implementation is very rough and cryptography is very easy to get wrong. /dev/random has already taken care of all of this for you.

    If you must use your own pseudo-random library, use a well-implemented and documented library like OpenSSL.

    If you're going to go through with this, I would recommend adapting the version of the code from the Perl wrapper because at least the author has cleaned it up to be release worthy.
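
Reading seed material from the operating system, as the answer recommends, shown as an added example that is not part of the original answer or of the ISAAC code. `read_entropy` is a hypothetical helper name and the 1024-byte buffer is a constructed stand-in for the seed array; the helper retries short and interrupted reads and never hands back a partially filled seed.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Fill buf with exactly len bytes read from the random device at path.
 * Returns 0 on success, -1 on failure (buf must not be used as a seed then).
 * read_entropy is a hypothetical helper, not part of ISAAC. */
int read_entropy(const char *path, void *buf, size_t len)
{
    unsigned char *p = buf;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    while (len > 0) {
        ssize_t n = read(fd, p, len);
        if (n < 0 && errno == EINTR)
            continue;              /* interrupted by a signal: retry */
        if (n <= 0) {              /* read error or unexpected end of file */
            close(fd);
            return -1;
        }
        p += n;                    /* short reads are normal: keep going */
        len -= (size_t)n;
    }
    close(fd);
    return 0;
}

int main(void)
{
    /* Constructed stand-in for the seed array. With the reference code from
     * the answer you would pass ctx.randrsl and sizeof ctx.randrsl instead,
     * then call randinit(&ctx, TRUE) (assumption based on the answer's code). */
    unsigned char seed[1024];
    if (read_entropy("/dev/random", seed, sizeof seed) != 0) {
        perror("read_entropy");
        return 1;                  /* never fall back to a fixed seed */
    }
    for (size_t i = 0; i < 8; i++)
        printf("%02x", seed[i]);
    printf("...\n");
    return 0;
}
```

Because the seed now differs on every run, the generator's output does too; the fixed `randrsl[i] = i` seed is what makes each run print the same values.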