Move to Cryptographically Secure RNG

coduri · coduri · commit d5244761ff84 · 2025-02-25T15:20:34.000+01:00
Ensured all randomness used in encryption follows best security practices.
diff --git a/.gitignore b/.gitignore
@@ -37,8 +37,6 @@ Temporary Items
 ### PyCharm ###
 # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
 # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
-
-# User-specific stuff
 .idea/
 
 # CMake
@@ -292,7 +290,7 @@ pyrightconfig.json
 # Ignore all files except .gitkeep
 # The .gitkeep file is used to ensure the empty folder is committed to the repository.
 scripts/images/output/*
-!script/images/output/.gitkeep
+!scripts/images/output/.gitkeep
 
 web_app/static/output/*
 !web_app/static/output/.gitkeep
diff --git a/README.md b/README.md
@@ -4,32 +4,21 @@
   </a>
 </p>
 
-<h1 align="center">VisualCrypto</h1>
 
-<p align="center">A framework for image-based secret sharing</p>
 
-<p align="center">
-  <!-- Python Version -->
-  <a href="https://www.python.org/downloads/">
-    <img src="https://img.shields.io/badge/Python-3.8%2B-blue" alt="Python 3.8+" />
-  </a>
+<div align="center">
 
-  <!-- API Documentation -->
-  <a href="https://coduri.github.io/VisualCrypto/">
-    <img src="https://img.shields.io/badge/Documentation-Available-green" alt="Documentation Available" />
-  </a>
+[![Python 3.8+](https://img.shields.io/badge/Python-3.8%2B-blue)](https://www.python.org/downloads/)
+[![Cryptographic Secure](https://img.shields.io/badge/Cryptographic%20Secure-secrets.py-blueviolet)](https://docs.python.org/3/library/secrets.html)
+[![Documentation Available](https://img.shields.io/badge/Documentation-Available-green)](https://coduri.github.io/VisualCrypto/)
+[![Contributions Welcome](https://img.shields.io/badge/Contributions-Welcome-orange)](https://coduri.github.io/VisualCrypto/pages/contributing/)
+[![License](https://img.shields.io/badge/License-MIT-red)](https://github.com/coduri/VisualCrypto/blob/main/LICENSE.txt)
+
+
+</div>
 
-  <!-- Contributions -->
-  <a href="https://coduri.github.io/VisualCrypto/pages/contributing/">
-    <img src="https://img.shields.io/badge/Contributions-Welcome-orange" alt="Contributions Welcome" />
-  </a>
 
-  <!-- License -->
-  <a href="https://github.com/coduri/VisualCrypto/LICENSE.txt">
-    <img src="https://img.shields.io/badge/License-MIT-red" alt="License" />
-  </a>
 
-</p>
 
 ---
 
diff --git a/scripts/images/output/.gitkeep b/scripts/images/output/.gitkeep
diff --git a/scripts/random_grid/rg_grayscale_additive_SS.py b/scripts/random_grid/rg_grayscale_additive_SS.py
@@ -1,5 +1,6 @@
 import numpy as np
 from PIL import Image
+import secrets
 
 
 # Returns a dictionary containing function mappings and metadata for the algorithm (used by the web interface).
@@ -51,7 +52,7 @@ def create_random_grid(size):
     Returns:
     numpy.ndarray: A grid filled with random integer values between 0 and 255.
     """
-    grid = np.random.randint(0, 256, size=size)
+    grid = np.array([[secrets.randbelow(256) for _ in range(size[1])] for _ in range(size[0])], dtype=np.uint8)
     return grid
 
 
@@ -103,13 +104,13 @@ def encrypt(image):
     """
     img_array = np.array(image).astype(int)  # Convert PIL Image to numpy array and convert to int type
 
-    # Create the first random grid
+    # Create the first random grid and convert it to PIL Image
     grid1 = create_random_grid(img_array.shape)
-    grid1_image = Image.fromarray(grid1.astype(np.uint8))  # Convert grid to PIL Image
+    grid1_image = Image.fromarray(grid1)
 
-    # Create the second grid (difference grid)
+    # Create the second random grid and convert it to PIL Image
     grid2 = create_difference_grid(img_array, grid1)
-    grid2_image = Image.fromarray(grid2.astype(np.uint8))  # Convert grid to PIL Image
+    grid2_image = Image.fromarray(grid2.astype(np.uint8))  # np.uint8 causes wrapping (modulo 256) for negative values
 
     return grid1_image, grid2_image
 
diff --git a/scripts/random_grid/rg_grayscale_halftone.py b/scripts/random_grid/rg_grayscale_halftone.py
@@ -1,5 +1,6 @@
 from PIL import Image
 import numpy as np
+import secrets
 
 
 # Returns a dictionary containing function mappings and metadata for the algorithm (used by the web interface).
@@ -62,7 +63,7 @@ def create_first_random_grid(size):
     Returns:
     numpy.ndarray: A random binary grid (0s and 1s) of the specified size.
     """
-    grid = np.random.randint(2, size=size)
+    grid = np.array([[secrets.randbelow(2) for _ in range(size[1])] for _ in range(size[0])])
     return grid
 
 
diff --git a/scripts/visual_cryptography/vc_grayscale_halftone.py b/scripts/visual_cryptography/vc_grayscale_halftone.py
@@ -1,7 +1,6 @@
 from PIL import Image
-import random
 import copy
-
+import secrets
 
 # Returns a dictionary containing function mappings and metadata for the algorithm (used by the web interface).
 def get_config():
@@ -98,9 +97,10 @@ def random_col_permutation(matrix):
     n_cols = len(matrix[0])
     new_matrix = copy.deepcopy(matrix)
 
-    # Generate a random permutation of column indices
+    # Generate a random permutation of column indices.
+    # Note that: secrets.SystemRandom is a class that uses the system's cryptographic random number generator
     col_indices = list(range(n_cols))
-    random.shuffle(col_indices)
+    secrets.SystemRandom().shuffle(col_indices)
 
     # Apply the column permutation to the matrix
     for i in range(n_rows):
