Common Lisp, Cryptography, Development, LISP

ISAAC-64 Algorithm Added to CL-ISAAC

Over the long weekend, I finished porting the ISAAC-64 algorithm from C to Common Lisp, and it is now included in the CL-ISAAC package on GitHub: The new version (1.0.2) including ISAAC-64 will be available through Quicklisp in next month’s update; but if you would like to try it right away, you can clone the repo into ~/quicklisp/local-projects/ and give the Quick Recipe a try:

;; generate a 512-bit hex string token using ISAAC-64 context
(defvar my-isaac64-ctx (isaac:init-kernel-seed :is64 t))
(format nil "~64,'0x" (isaac:rand-bits-64 my-isaac64-ctx 512))
    => "6F00D098A342450CD7A2C27D941625ED70E7F7F4DD0BD46D8D1597361F0AA49180728D9BA062A14E6795F579D5B04B01F92310F18921A7397C57CF09012E104F"

Note that the interface for CL-ISAAC is mostly unchanged. If you wish to upgrade your codebase to use the ISAAC-64 algorithm, simply set the keyword value :is64 t on init-kernel-seed, init-common-lisp-random-seed, or init-null-seed, as necessary. You can then use the new functions rand64 or rand-bits-64 to generate your random values.

The complete list of new exported symbols:

  • struct isaac64-ctx
  • function generate-next-isaac64-block ctx => nil
  • function rand64 ctx => random 64-bit value
  • function rand-bits-64 ctx n => random N-bit value
  • macro mix64 a b c d e f g h
  • function scramble64 ctx => scrambled ctx
  • function jenkins-output-64 filename => nil

About: CL-ISAAC is a Common Lisp library for fast cryptographic random number generation. From the documentation on the original C implementation: “ISAAC-64 generates a different sequence than ISAAC, but it uses the same principles. It uses 64-bit arithmetic. It generates a 64-bit result every 19 instructions. All cycles are at least 272 values, and the average cycle length is 216583.”

Currently ISAAC-64 is only available on x86-64 systems. If you would like it to be made available on your 64-bit platform, or discover any bugs, please create an issue on the master GitHub repo:


2 thoughts on “ISAAC-64 Algorithm Added to CL-ISAAC

    1. I use CL-ISAAC and Ironclad together in my web framework project REDSHIFTNET, in the Auth module. Specifically, I’m currently using CL-ISAAC to generate random session tokens, and I’ve already started upgrading the PBKDF2–SHA256 password-hashing function HARDENED-PASSWORD to use a random salt generated by CL-ISAAC instead of with IRONCLAD:MAKE-RANDOM-SALT. It’s more of a personal choice to tighten up security, than strictly necessary.

      I forked Ironclad today, actually, because I plan on implementing SHA-3 (Keccak) for Ironclad and sending a pull request to the maintainer. While I’m at it, I can certainly ask them if they would like CL-ISAAC included; but in the mean time, it’s fairly trivial to use them together.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s