Newsgroups: php.internals
Date: Mon, 1 Apr 2019 13:06:56 +0300
To: Benjamin Morel
Cc: Pierre Joye, Arvids Godjuks, David Rodrigues, PHP internals
Subject: Re: [PHP-DEV] random_seed()
From: narf@devilix.net (Andrey Andreev)

Hi,

On Mon, Apr 1, 2019 at 11:08 AM Benjamin Morel wrote:
>
> Seeds could even be dangerous here, as these numbers are supposed to be
> cryptographically secure. If you need a seedable PRNG for testing, just use
> rand().
>

Not only could it be dangerous, it would beat the entire purpose of
random_bytes()/random_int().

Just to clarify for readers not familiar with the topic: Seed-based
RNGs are deterministic.

deterministic === predictable
predictable === not secure

Whether you want to seed for testing purposes, or someone has beaten
it into you to use random_*() instead of (mt_)rand() and now your code
doesn't work the same way, you're likely blindly following best
practices without consideration. Not everything is 100% testable and
not every problem can have the same solution.

If you need to generate secure tokens of some kind - use random_bytes().

If you need to generate unpredictable random numbers - use random_int().

Don't worry about testing either of those.

If you need seed-based, reproducible outcomes - use mt_rand(), that's
perfectly fine for e.g. re-creating the same "random" map layout in a
video game - a valid use case; but it's not for security.

Cheers,
Andrey.
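
Added example (not part of the original message): a PHP sketch of the split described above, with mt_rand() used for a reproducible map layout and random_bytes() used for tokens. The function names generateMap(), seededToken() and secureToken(), the tile set, and the seed value are assumptions made for this illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: the "re-create the same map" use case for mt_rand().
function generateMap(int $seed, int $width = 8, int $height = 4): array
{
    mt_srand($seed); // same seed => same Mersenne Twister output stream
    $tiles = ['.', '.', '.', '~', '^', '#'];
    $rows = [];
    for ($y = 0; $y < $height; $y++) {
        $row = '';
        for ($x = 0; $x < $width; $x++) {
            $row .= $tiles[mt_rand(0, count($tiles) - 1)];
        }
        $rows[] = $row;
    }
    return $rows;
}

// Hypothetical anti-pattern: a "secret" drawn from the seeded generator.
// Its value is a pure function of $seed, so it is only as secret as the seed.
function seededToken(int $seed, int $bytes = 16): string
{
    mt_srand($seed);
    $raw = '';
    for ($i = 0; $i < $bytes; $i++) {
        $raw .= chr(mt_rand(0, 255));
    }
    return bin2hex($raw);
}

// Hypothetical helper: token from the OS CSPRNG; there is no seed to replay.
function secureToken(int $bytes = 16): string
{
    return bin2hex(random_bytes($bytes));
}

$seed = 20190401; // constructed sample seed

echo implode("\n", generateMap($seed)), "\n";
echo 'map reproducible from seed:   ';
var_dump(generateMap($seed) === generateMap($seed));
echo 'token reproducible from seed: ';
var_dump(seededToken($seed) === seededToken($seed));
echo 'two random_bytes() tokens equal: ';
var_dump(hash_equals(secureToken(), secureToken()));
```

The first two comparisons hold on every run because the output depends only on the seed; that is exactly the property that makes the seeded generator suitable for map layouts and unsuitable for tokens.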