go get github.com/awnumar/fastrand
fastrand implements a cryptographically secure pseudorandom number generator. The generator is seeded using the system's default entropy source, and thereafter produces random values via repeated hashing. As a result, fastrand can generate randomness much faster than crypto/rand, and generation cannot fail beyond a potential panic during
fastrand was forked from gitlab.com/NebulousLabs/fastrand. This version of the package uses securely allocated memory provided by
fastrand also scales better than math/rand when called in parallel. In fact, fastrand can even outperform math/rand when using enough threads.
// 32 byte reads
BenchmarkRead32                    10000000        175 ns/op     181.86 MB/s
BenchmarkReadCrypto32                500000       2733 ns/op      11.71 MB/s

// 512 kb reads
BenchmarkRead512kb                     1000    1336217 ns/op     383.17 MB/s
BenchmarkReadCrypto512kb                 50   33423693 ns/op      15.32 MB/s

// 32 byte reads using 4 threads
BenchmarkRead4Threads32             3000000        392 ns/op     326.46 MB/s
BenchmarkReadCrypto4Threads32        200000       7579 ns/op      16.89 MB/s

// 512 kb reads using 4 threads
BenchmarkRead4Threads512kb             1000    1899048 ns/op    1078.43 MB/s
BenchmarkReadCrypto4Threads512kb         20   97423380 ns/op      21.02 MB/s
fastrand uses an algorithm similar to Fortuna, which is the basis for the /dev/random device in FreeBSD. However, although the techniques used by fastrand are known to be secure, the specific implementation has not been reviewed by a security professional. Use with caution.
The general strategy is to use crypto/rand at init to get 32 bytes of strong entropy. From there, the entropy is concatenated to a counter and hashed repeatedly, providing 64 bytes of random output each time the counter is incremented. The counter is 16 bytes, which provides strong guarantees that a cycle will not be seen throughout the lifetime of the program.
The sync/atomic package is used to ensure that multiple threads calling fastrand concurrently are always guaranteed to end up with unique counters.
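A minimal Go rendering of the strategy described above (32-byte seed from crypto/rand at init, seed concatenated with a 16-byte counter and hashed into 64 bytes per increment, counter values claimed through sync/atomic), written as an added example and not the fastrand package's own code. It assumes SHA-512 as the hash, chosen only because its 64-byte digest matches the output size the text names; the hash fastrand actually uses is not stated on this page.

```go
package main

import (
	"crypto/rand"
	"crypto/sha512"
	"encoding/binary"
	"sync/atomic"
)

// Generator follows the strategy described above: a 32-byte seed from
// crypto/rand, a 16-byte counter, one 64-byte hash output per increment. Added
// example, not fastrand's own code; SHA-512 is an assumed stand-in for the hash.
type Generator struct {
	seed [32]byte
	lo   uint64 // low 8 bytes of the counter, claimed atomically per draw
	hi   uint64 // high 8 bytes, bumped when lo wraps (unreachable in practice)
}

// New seeds from the system entropy source, the only point where generation
// can fail; as in the text, that failure is a panic rather than an error.
func New() *Generator {
	g := &Generator{}
	if _, err := rand.Read(g.seed[:]); err != nil {
		panic("seeding from crypto/rand failed: " + err.Error())
	}
	return g
}

// next claims a counter value no other goroutine can receive, then hashes
// seed || counter (32 + 16 bytes) into one 64-byte block.
func (g *Generator) next() [64]byte {
	lo := atomic.AddUint64(&g.lo, 1)
	if lo == 0 {
		atomic.AddUint64(&g.hi, 1)
	}
	var in [48]byte
	copy(in[:32], g.seed[:])
	binary.LittleEndian.PutUint64(in[32:40], lo)
	binary.LittleEndian.PutUint64(in[40:48], atomic.LoadUint64(&g.hi))
	return sha512.Sum512(in[:])
}

// Read fills p with one hash per 64 bytes and never returns an error.
func (g *Generator) Read(p []byte) (int, error) {
	for n := 0; n < len(p); {
		block := g.next()
		n += copy(p[n:], block[:])
	}
	return len(p), nil
}
```

The carry into the high counter word is only reached after 2^64 draws, so in practice every goroutine's counter value is distinct and no two blocks repeat.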