Improve string randomness

Current implementation of function fill_rand_string() uses randombytes() to get random bytes and then gets modulus of 26. However, since the number of variations is 256, which is not exact division of 26, this causes the last four characters 'w', 'x', 'y', and 'z' appearing with values log2(26)=4.700440 and 109.5, respectively. Regarding the samples and function to calculate the arithmetic mean, 150,000 samples were generated via the command "ih RAND" and these samples are used as argument to the "ent" command to calculate entropy and arithmetic mean. Here we expand buffer to 64-bit unsigned integer before getting random bytes. Calculating modulus on 64-bit unsigned integer gives more random result. After implementation, the entropy 4.700423 and arithmetic mean 109.5105 are improved to be closer to theoretical values.
sysprog21 · Mar 17, 2024 · 7337f95 · 7337f95
1 parent 054ec4d
commit 7337f95
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/qtest.c b/qtest.c
@@ -172,9 +172,12 @@ static void fill_rand_string(char *buf, size_t buf_size)
     while (len < MIN_RANDSTR_LEN)
         len = rand() % buf_size;
 
-    randombytes((uint8_t *) buf, len);
+    uint64_t *randstr_buf_64 = malloc(len * sizeof(uint64_t));
+    randombytes((uint8_t *) randstr_buf_64, len * sizeof(uint64_t));
     for (size_t n = 0; n < len; n++)
-        buf[n] = charset[buf[n] % (sizeof(charset) - 1)];
+        buf[n] = charset[randstr_buf_64[n] % (sizeof(charset) - 1)];
+
+    free(randstr_buf_64);
     buf[len] = '\0';
 }