-
Type: Improvement
-
Resolution: Fixed
-
Priority: Unknown
-
Affects Version/s: None
-
Component/s: None
While investigating GODRIVER-2349, we discovered that the Go "math/rand" package Seed functions drop half of the 64 bits of entropy provided (see code here). There is also an open Go issue requesting more documentation on the behaviors and algorithms in the "math/rand" package (see this comment specifically asking about truncating the seed value). There is an open Go proposal to replace the pseudo-random number algorithms used in the "math/rand" package, either in a Go 1.x release or in Go 2.0. In both places, Rob Pike suggests using the golang.org/x/exp/rand package to replace "math/rand", with the caveat that there may be performance regression until the compiler supports using per-platform 64-bit multiply and add instructions, which it now does.
Additionally, the google/uuid package supports pooling random values for generating random UUIDv4 values, which may mitigate the performance impact of using "crypto/rand". We should consider using that dependency to replace the "uuid" package.
tldr; We should investigate if using the golang.org/x/exp/rand or github.com/google/uuid packages would make a meaningful improvement, either in simplicity of code or performance. If so, we should update the session ID UUID generator to use the best package.
Definition of done:
- Prototype using "x/exp/rand" and "google/uuid" packages to see if they simplify the pseudo-random number generator use cases in the driver.
- Benchmark UUID generation with "crypto/rand", "math/rand", "x/exp/rand", and using "google/uuid" (on macOS and on Linux) to see if there is a meaningful improvement in any case.
- If there is a better approach, update the Go driver UUID generator to use "x/exp/rand", "google/uuid", or revert to using "crypto/rand".
- is related to
-
GODRIVER-2349 Prevent session ID reuse due to lower-than-expected system clock resolution
- Closed
-
GODRIVER-2223 Use "math/rand" instead of "crypto/rand" for UUID generator
- Closed