SHA-based random number generator implementation (CSPRNG).
The generator is based on an internal structure presented in FIPS 186-1 Appendix 3.2, which is why it is sometimes called the "DSA PRNG" or "FIPS PRNG" in the literature. Outputs are generated by hashing the internal generator state, and the feedback path applies a linear transformation to the state, which is then hashed again to create the next outputs. Because the linear operations in the feedback path are invertible, a state compromise may allow recovery of preceding generator outputs. In return, the generator needs only a single hash computation per block, which makes it lightweight in comparison to more advanced CSPRNGs.
This implementation can be run with either the SHA-1 or the SHA-256 hash function for creating outputs. SHA-1 was deprecated by NIST in 2011 due to a collision attack and a potential brute-force attack, so SHA-256 can be used as an alternative. To select one or the other, export USEMODULE += prng_sha1prng or USEMODULE += prng_sha256prng during compilation.
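
The invertible feedback path described above, modelled in Python as an added example (not this implementation's code). It assumes the FIPS 186 style update state = (state + output + 1) mod 2^256, a 256-bit state and a seed that is hashed once; the names ShaPrngModel, previous_state and rewind are hypothetical.

```python
import hashlib

STATE_BITS = 256  # assumed state width, equal to the SHA-256 digest size
MASK = (1 << STATE_BITS) - 1


def hash_state(state):
    """Hash the state (big-endian bytes) and return the digest as an integer."""
    raw = state.to_bytes(STATE_BITS // 8, "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")


class ShaPrngModel:
    """Model only: output = SHA-256(state); state += output + 1 (mod 2^256)."""

    def __init__(self, seed):
        self.state = int.from_bytes(hashlib.sha256(seed).digest(), "big")

    def next_block(self):
        out = hash_state(self.state)                 # one hash per output block
        self.state = (self.state + out + 1) & MASK   # linear feedback (assumed rule)
        return out


def previous_state(state_after, output):
    """Invert one feedback step, given the output block that step produced."""
    return (state_after - output - 1) & MASK


def rewind(state_now, outputs):
    """Walk back over known outputs (oldest first); return the earlier states."""
    states = []
    for out in reversed(outputs):
        state_now = previous_state(state_now, out)
        if hash_state(state_now) != out:             # recovered state must reproduce it
            raise ValueError("output does not match the recovered state")
        states.append(state_now)
    return states[::-1]


def demo():
    """Run four blocks from a constructed seed, then rewind to the start."""
    gen = ShaPrngModel(b"constructed seed, not a real key")
    initial = gen.state
    outputs = [gen.next_block() for _ in range(4)]
    return initial, rewind(gen.state, outputs)
```

In this model, a leaked state combined with the blocks already emitted reconstructs every earlier state up to the last reseed, which is why the state needs the same protection as key material.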