[pgpool-hackers: 4594] Re: Shuffle random functions and use better random numbers

Tatsuo Ishii ishii at postgresql.org
Mon May 19 10:37:04 JST 2025 

>> Thanks for the patches. After reading them. I visited PostgreSQL
>> source code and found followings.
>> 
>> - Our PostmasterRandmon() was imported from PostgreSQL long time ago
>>   (2016). In the same year PostgreSQL replaced PostmasterRandmon()
>>   with pg_strong_random().(src/port/pg_strong_random.c.
>>   pg_strong_random() looks better than PostmasterRandmon(), since it's
>>   more secure and portable. Moreover no initialization is necessary.
>> 
>> - PostgreSQL introduced Pseudo-Random Number Generator in 2021
>>   (src/common/pg_prng.c). In the commet:
>> 
>>  * Pseudo-Random Number Generator
>>  *
>>  * We use Blackman and Vigna's xoroshiro128** 1.0 algorithm
>>  * to have a small, fast PRNG suitable for generating reasonably
>>  * good-quality 64-bit data.  This should not be considered
>>  * cryptographically strong, however.
>>  *
>>  * About these generators: https://prng.di.unimi.it/
>>  * See also https://en.wikipedia.org/wiki/List_of_random_number_generators
>> 
>>  This is used for SQL functions in PostgreSQL. Looks pretty portable
>>  and maybe faster than standard random() function in some
>>  platforms. One bonus is, your select_rand_weight() is already
>>  implemneted in it: pg_prng_double().
>> 
>> Probably we should import pg_strong_random.c and pg_prng.c, then
>> change pgpool to use pg_strong_random() for generating salts,
>> pg_prng_double() for generating random number between 0 and 1.0.
>> 
>> What do you think?
> 
> I'm definitely not opposed to this approach. I've given a shot at
> importing these two files, but there's quite a bit of postgres
> specifics in there. I could probably make it work, but it'll probably
> be in such a convoluted way that it's going to need a full rewrite
> anyway.
> 
> Some nitpicking could be done over some of the internals, but I
> don't mind this color bikeshed.

Attached is a patch to replace PostmasterRandmon() with
pg_strong_random(). I think this is not only useful to enhance the
quality of random numbers generated for authentications (md5 and
scram-sha-256) but is needed anyway if we import pg_prng.c as it
relies on pg_strong_random().

I am going to push this if there's no objection.

Best regards,
--
Tatsuo Ishii
SRA OSS K.K.
English: http://www.sraoss.co.jp/index_en/
Japanese:http://www.sraoss.co.jp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: v1-0001-Replace-PostmasterRandom-with-pg_strong_random.patch
Type: text/x-patch
Size: 9020 bytes
Desc: not available
URL: <http://www.pgpool.net/pipermail/pgpool-hackers/attachments/20250519/dd35aae3/attachment.bin>

More information about the pgpool-hackers mailing list