1
votes

I'm trying to re-implement the RSA key generation in C++ (as a hobby/learning playground) and by far my biggest problem seems to be generating a random number in range x,y which is also cryptographically secure (the primes p and q, for example).

I suppose using mt19937 or std::rand with a secure random seed (e.g. /dev/urandom or OpenSSL RAND_bytes etc) would not be considered 'cryptographically secure' in this case (RSA)?

ISAAC looked promising but I have zero clue on how to use it since I wasn't able to find any documentation at all.

Notably, this is also my first C++ project (I've done some C, Rust etc before... So C++ at least feels somewhat familiar and I'm not a complete newbie, mind you).

1
You don't need a pseudo-random number generator. Just fetch as many bytes as you need from /dev/urandom or rand_bytes. - r3mainer

1 Answer

2
votes

> I suppose using mt19937 or std::rand with a secure random seed (e.g. /dev/urandom or OpenSSL RAND_bytes etc) would not be considered 'cryptographically secure' in this case (RSA)?

No, those are not cryptographically secure for basically any purpose.

> ISAAC looked promising but I have zero clue on how to use it since I wasn't able to find any documentation at all.

Well, it has stood the test of time, I suppose. But I'd simply use a C++ library such as Crypto++ or Botan or something similar and then just implement the RSA key pair generation bit, borrowing one of their secure random generators. With a bit of luck they also have a bignum library so that you don't have to implement that either.
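The approach from the comment above (take bytes directly from /dev/urandom, with no userspace PRNG in between), as an added example that is not part of the original posts. It assumes a Unix-like system; the function names `os_random_bytes`, `secure_uniform` and `prime_candidate` are hypothetical, and the candidate still needs a primality test from a bignum library.

```cpp
#include <cstddef>
#include <cstdint>
#include <fstream>
#include <stdexcept>
#include <vector>

// Fill a buffer straight from the kernel CSPRNG; fail loudly on a short read.
std::vector<std::uint8_t> os_random_bytes(std::size_t n) {
    std::vector<std::uint8_t> buf(n);
    std::ifstream urandom("/dev/urandom", std::ios::in | std::ios::binary);
    if (!urandom || !urandom.read(reinterpret_cast<char*>(buf.data()),
                                  static_cast<std::streamsize>(n)))
        throw std::runtime_error("cannot read /dev/urandom");
    return buf;
}

// Uniform integer in [lo, hi] (inclusive) by rejection sampling: keep only as
// many bits as the span needs and redraw when the value falls outside it, so
// no value is favoured the way `x % span` would favour the low ones.
std::uint64_t secure_uniform(std::uint64_t lo, std::uint64_t hi) {
    if (lo > hi) throw std::invalid_argument("lo > hi");
    const std::uint64_t span = hi - lo;          // number of values minus one
    std::uint64_t mask = span;                   // smallest 2^k - 1 >= span
    for (int s = 1; s < 64; s <<= 1) mask |= mask >> s;
    for (;;) {
        std::uint64_t x = 0;
        for (std::uint8_t b : os_random_bytes(8)) x = (x << 8) | b;
        x &= mask;
        if (x <= span) return lo + x;            // accept; otherwise redraw
    }
}

// Big-endian random candidate of exactly `bits` bits for a prime search: top
// two bits set so p*q reaches the full modulus length, low bit set so it is odd.
std::vector<std::uint8_t> prime_candidate(std::size_t bits) {
    if (bits < 16 || bits % 8 != 0) throw std::invalid_argument("bits");
    std::vector<std::uint8_t> c = os_random_bytes(bits / 8);
    c.front() |= 0xC0;
    c.back() |= 0x01;
    return c;
}
```
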