-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use a JavaScript PRNG (in addition) for better performance #11
Comments
I believe the whole idea of this module is to provide a RNG that is guaranteed to be a CSPRNG. Providing a JS fallback would precisely remove the guarantee that this module is trying to give. |
@ctavan, the point of this module is indeed to have a CSPRNG, but I'm not suggesting a JS fallback, but rather a CSPRNG implemented in JS seeded from a secure source. The problem with having a CSPRNG in RN without a native module is that we don't usually have access to a good source of random data. Though the moment we do (like with this module), we can seed a JS PRNG with this random data and use that to generate secure random data. It's exactly how native RNGs work. They get some real entropy from a real source of random data (which with my suggestion we still will), and then use that to generate an unpredictable stream of psuedo-random data. For whatever it's worth, this is how all major libraries work (at least in JS land), for example libsodium.js and SJCL. |
I guess it depends on how one is using the module, but I think it would be nice to show some numbers and demonstrating an actual problem that would be solved by doing this before doing it. As the code is now, there isn't really that much that could go wrong, which is really good since crypto is very easy to get wrong. If we were to add a PRNG we would need to be responsible for that one as well, and we need to be sure that we are using it correctly, and that it has sufficient random distribution... Basically, I'm not totally against this, but I really want to see that we are solving some actual problem if we are going to do it... |
Hey @LinusU, thanks for your comment.
I agree simplicity is good, and I agree with your comment about the numbers. Crossing through the react-native bridge is notoriously slow, and my app is asking for a lot of random numbers so it was visibly slow.
Use a well known dependency, such as SJCL (see the link from my original post). Then you don't need to test anything, it's a well known and battle tested library that will provide the PRNG on the JS side.
Sure thing. I respect this position. |
Ahh, I didn't understand that you were actually having problems, lets look into this then 👍 It seems like all the major browsers are using XorShift128+, I haven't looked at what SJCL is using yet ref: https://hackaday.com/2015/12/28/v8-javascript-fixes-horrible-random-number-generator/ |
It's visibly slow, but I haven't properly benchmarked this to make sure the random number generation is indeed the cause and there wasn't anything else that changed at the same time. That's why I want to have a better look and get real numbers. As for SJCL, it uses Fortuna. More info: https://bitwiseshiftleft.github.io/sjcl/doc/sjcl.prng.html See what I did in the repo I linked to in my first post. I just built a very trimmed down SJCL with only the necessary parts (the random number generation), though you can probably just use a full blown SJCL build without having to trim it down. |
Just to let you know: I have been working on https://github.com/consento-org/get-random-values-polypony which should be significantly and uses XorShift128 ported from v8. (also it works with expo) |
@martinheidegger, I'd be a bit weary about using a PRNG you created yourself, even if just ported. There are so many places where this can go wrong... |
@tasn What suggests that I have not been weary? It took me considerable amount of time and effort to implement and test this. I looked at the other implementations, and all had other drawbacks that are very unappealing (like shown in this issue). With the given tests I went over the minimum to cover as many bases as I could find but yes: I am sharing it here because it is not being looked at by enough people, and it is my hope that the library actually contributes to fix this issue. |
I understand my wording may have been confusing, but I am the one who is weary. Why not use a well tested and audited PRNG like the one in SJCL (see the very simple code in expo-crypto)? |
|
@martinheidegger, cryptography is different to regular software engineering because in cryptography things look as if they work, but they may actually be completely broken... So yeah, unless something as important as a PRNG hasn't been properly audited no one should use it. All of modern cryptography relies on solid RNG. |
@LinusU, I just realised I forgot to get back to you with numbers, here is the test I ran:
RN doesn't have
On my browser (though on my computer, not my phone), it's:
I also ran it again on my computer with a much larger value and then I'm getting: I think it's worth pursuing this improvement, what do you think? As I said above, it's really simple, the code is already there in my |
Turns out that expo@39 will come with its own |
beginning of off topic discussion not to derail too much here, but i don't quite understand this logic @tasn:
can you elaborate on your motivation for why you think it would be better to fork an expo library to try not to "rely on expo"? what is it you're concerned about? |
It's not a fork of expo-crypto, it's just really poor naming on my part. It's not a fork, it's a tiny library that should have been called expo-get-random-values. Anyhow, as @martinheidegger just said, it looks like expo is going to have this (yay), so my lib can be deprecated. The advantage of my lib over this one was that it was possible to use it in expo. What I meant with my comment regarding rely on expo: is that some apps don't use expo, that's why I want this lib (this being react-native-get-random-values) to work well, because my library only works on expo. I hope it's clear. |
@tasn - fyi you can use libraries like expo-random anywhere, you don't need to use expo managed workflow :) https://blog.expo.io/you-can-now-use-expo-apis-in-any-react-native-app-7c3a93041331 - we made this possible ~1.5 yrs ago |
@brentvatne, yeah, I'm aware (I'm also an occasional expo contributor). Though setting up unimodules is just too much of a pain and it's really not worth it just for this tiny piece of code. It's extra important for me because I'm not only building apps, but building packages, and I don't want my users to have to set up unimodules and go through all of this pain just to use my lib. |
@tasn - makes sense. yeah we need to get rid of that overhead. it's very useful to reuse native code through dependency injection across modules (expo-camera can use expo-permissions and expo-file-system native modules by requesting a module that implements the permissions / filesystem interfaces) but it's very hard for people to see the benefits of this. we need to get this upstream so people don't have to think about it and get the benefits out of the box end of off topic discussion |
@brentvatne, yeah, I realise why you are doing it and it makes sense for many use-cases, though since I'm building a reusable library, I can't assume it makes sense to all of my users. :) |
@LinusU, how can we move this forward? |
I came across https://github.com/mateioprea/react-native-random-values-jsi-helper and was interested in doing a performance test. I took the same approach with both libraries as @tasn did above for direct use of crypto as well as use of the uuid package. These are obviously unscientific tests but do provide some direction with regard to performance. Crypto
This library: jsi library: uuidThis library: jsi library: |
Hey,
At the moment the calls are blocking on the RN bridge which can be quite slow. It's quite simple to make it both perform well and secure by using a JS based PRNG in addition to the native one.
You can see an example of this approach here: https://github.com/etesync/expo-crypto/blob/master/index.ts
Let me know if you need any help with implementing this or would like a patch.
--
Tom
The text was updated successfully, but these errors were encountered: