Secure Randomness in Go 1.22

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • gosec

    Go security checker

    For those unaware, gosec (and by extension golangci-lint) will warn about uses of `math/rand`

    https://github.com/securego/gosec/blob/d3b2359ae29fe344f4df5...

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • goimports

    [mirror] Go Tools (by golang)

    goimports has special-cased math/rand.Read vs crypto/rand.Read from basically the beginning. But https://github.com/golang/tools/commit/0835c735343e0d8e375f0... in 2016 references a time window where it could resolve "rand.Read" as "math/rand". Maybe you were in that time window?

  • ascon-c

    Ascon - Lightweight Authenticated Encryption & Hashing

    Related - a week or so ago I was playing with ASCON[1], a sponge based cipher and hash function aimed at embedded systems. A passing thought was that it might be handy to use as a random number generator. When I read this post a couple days ago, out of curiosity I picked up the ASCON permutation and benchmarked it vs this one.

    It was unfortunately a bit slower: ~27 ns per 64-bit value (6 round permutation) vs ~4 ns for the included ChaCha8. I suspect it could be optimized, and run at the higher output rate (8 rounds per 128-bit output). One nice thing is that it does have a smaller state of only 40 bytes.

    But - for the performance, this ChaCha8 implementation is _awesome_!

    [1] https://ascon.iaik.tugraz.at

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Top 10 Code Security Tools

    1 project | dev.to | 30 Oct 2024
  • About the gosec G115 drama, or how I faced back integer conversion overflow in Go

    1 project | dev.to | 9 Sep 2024
  • gosec

    1 project | /r/devopspro | 28 Feb 2022
  • CI/CD SAST for Golang (Lambda)

    1 project | /r/awslambda | 21 Apr 2021
  • Dependency management tools

    1 project | /r/golang | 10 Apr 2021

Did you konow that Go is
the 4th most popular programming language
based on number of metions?