In #48 and #102 some benchmarking data was provided showing that math/rand is faster than crypto/rand (for use in generating query IDs). However, those tests took too narrow a view. It's important to look at ID generation in the actual context in which it's used.
I wrote a more robust benchmark that stands up a trivial DNS server, and sends a lot of queries at it. You can fiddle with values of parallel to try and max out local CPU. On my laptop, -parallel 40 came close to maxing out my CPUs, and I was able to get an average qps of 147,210 for crypto/rand vs 147,350 for math/rand. This is a pretty tiny difference, and that's in optimal conditions. Across a real network, the qps would be much lower, which means the impact of using crypto/rand would be much lower.
I'd like to propose making crypto/rand the default, so users don't have to worry about whether they need more secure ID generation.
$ go run main.go
2019/11/14 16:43:11 math/rand N = 100000, parallel = 40, qps = 149075.287112
2019/11/14 16:43:12 crypto/rand N = 100000, parallel = 40, qps = 149218.081585
2019/11/14 16:43:13 math/rand N = 100000, parallel = 40, qps = 146252.205194
2019/11/14 16:43:13 crypto/rand N = 100000, parallel = 40, qps = 147203.384613
2019/11/14 16:43:14 math/rand N = 100000, parallel = 40, qps = 147398.219853
2019/11/14 16:43:15 crypto/rand N = 100000, parallel = 40, qps = 147448.185616
2019/11/14 16:43:15 math/rand N = 100000, parallel = 40, qps = 147396.953876
2019/11/14 16:43:16 crypto/rand N = 100000, parallel = 40, qps = 145910.799292
2019/11/14 16:43:17 math/rand N = 100000, parallel = 40, qps = 146785.044813
2019/11/14 16:43:18 crypto/rand N = 100000, parallel = 40, qps = 147818.343743
2019/11/14 16:43:18 math/rand N = 100000, parallel = 40, qps = 146877.602488
2019/11/14 16:43:19 crypto/rand N = 100000, parallel = 40, qps = 147186.064584
2019/11/14 16:43:20 math/rand N = 100000, parallel = 40, qps = 148628.014722
2019/11/14 16:43:20 crypto/rand N = 100000, parallel = 40, qps = 146466.368147
2019/11/14 16:43:21 math/rand N = 100000, parallel = 40, qps = 146388.435965
2019/11/14 16:43:22 crypto/rand N = 100000, parallel = 40, qps = 146432.207382
In #48 and #102 some benchmarking data was provided showing that
math/randis faster thancrypto/rand(for use in generating query IDs). However, those tests took too narrow a view. It's important to look at ID generation in the actual context in which it's used.I wrote a more robust benchmark that stands up a trivial DNS server, and sends a lot of queries at it. You can fiddle with values of
parallelto try and max out local CPU. On my laptop,-parallel 40came close to maxing out my CPUs, and I was able to get an average qps of 147,210 for crypto/rand vs 147,350 for math/rand. This is a pretty tiny difference, and that's in optimal conditions. Across a real network, the qps would be much lower, which means the impact of using crypto/rand would be much lower.I'd like to propose making
crypto/randthe default, so users don't have to worry about whether they need more secure ID generation.