SecurityDriven.Core
SecurityDriven.Core copied to clipboard
Consider contributing this to .NET BCL
Wanted to see if this is something that should possibly worth persuing as contrib to core .NET itself rather then standalone lib.
@macsux Unfortunately it is very unlikely to be merged into core .NET. Microsoft has decided to maintain backward compatibility, and will keep old broken implementation (.NET 5 and below) for all seeded invocations of System.Random
in .NET 6. Microsoft's approach to unseeded implementation in .NET 6 is also different - they've decided to implement xoshiro256**
algorithm, which is faster than legacy implementation, but Microsoft's approach to thread-safety (Random.Shared
) is also deficient. Microsoft uses thread-static instances which never use full 2^256 period as designed.
CryptoRandom
approach is different - it takes the approach that cryptographically strong randomness is the best kind of randomness (whether seeded or unseeded). Users should not be experts to know where/when they need cryptographic randomness vs. "lesser kind" of randomness. The randomness provided should just be high-quality at all times for all purposes.