Newsgroups: php.internals
From: sandfox@sandfox.me (Anton Smirnov)
To: Hans Henrik Bergan
Cc: PHP Internals List, Go Kudo, Tim Düsterhus
Date: Thu, 04 Aug 2022 23:40:16 +0300
Subject: Re: [PHP-DEV] xoshiro** edge case (all zeros)

On Thu, 2022-08-04 at 22:32 +0200, Hans Henrik Bergan wrote:
> dangerous to be sure, but it's also a technically valid seed,
> are you sure we should disallow a valid seed?

Reference implementation defines it as invalid:
https://prng.di.unimi.it/xoshiro256starstar.c

Some implementations choose to seed the RNG with 0x0000...0001 but that
kinda introduces bias

> On Thu, 4 Aug 2022 at 20:33, Tim Düsterhus wrote:
> > Hi
> >
> > On 8/4/22 10:09, Anton Smirnov wrote:
> > > xoshiro** has a known edge case: all-zero seed
> >
> > Indeed, good catch. I had that in mind, but forgot about it.
> >
> > >
> > > $engine = new \Random\Engine\Xoshiro256StarStar(str_repeat("\0", 32));
> > >
> > > while (true) {
> > >     echo bin2hex($engine->generate()), PHP_EOL; // 0000000000000000
> > > }
> > >
> > > It should be documented and/or handled
> > >
> > > It's only for a string seed, int seed is not affected
> > >
> >
> > I've created a PR here:
> >
> > https://github.com/php/php-src/pull/9250
> >
> > I've opted to throw a ValueError in that case, as that's the only
> > safe option that does not introduce a bias.
> >
> > The 32xNUL seed basically should only happen for manually written
> > testing input and not happen otherwise. An actual random seed will
> > result in 32 NUL bytes with just a 2**-256 chance and when relying
> > on the implicit CSPRNG seeding (`null` as seed parameter) my PR will
> > just retry to catch even that edge case.
> >
> > Best regards
> > Tim Düsterhus
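
The stuck all-zero state and the reject-on-seed approach discussed in this thread, as an added C example (not part of the original message and not php-src code). The step function follows the reference xoshiro256** algorithm linked above; `xoshiro_seed_bytes` and `zero_state_is_stuck` are hypothetical helper names, and little-endian decoding of the 32-byte seed is an assumption.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint64_t s[4]; } xoshiro256ss;

static uint64_t rotl(uint64_t x, int k) { return (x << k) | (x >> (64 - k)); }

/* One xoshiro256** step: only shifts, rotates and XORs touch the state,
   so a state of all zeros maps to itself and every output is 0. */
uint64_t xoshiro_next(xoshiro256ss *g) {
    const uint64_t result = rotl(g->s[1] * 5, 7) * 9;
    const uint64_t t = g->s[1] << 17;
    g->s[2] ^= g->s[0];
    g->s[3] ^= g->s[1];
    g->s[1] ^= g->s[2];
    g->s[0] ^= g->s[3];
    g->s[2] ^= t;
    g->s[3] = rotl(g->s[3], 45);
    return result;
}

/* Hypothetical seeding helper: loads 32 seed bytes as four little-endian
   words (assumed byte order) and rejects the all-zero seed instead of
   silently substituting another state. Returns 0 on success, -1 on reject. */
int xoshiro_seed_bytes(xoshiro256ss *g, const unsigned char seed[32]) {
    uint64_t acc = 0;
    for (int i = 0; i < 4; i++) {
        uint64_t w = 0;
        for (int j = 7; j >= 0; j--) w = (w << 8) | seed[i * 8 + j];
        g->s[i] = w;
        acc |= w;
    }
    return acc ? 0 : -1;
}

/* Returns 1 if a zero state yields zero output and stays zero for n steps. */
int zero_state_is_stuck(int n) {
    xoshiro256ss g = {{0, 0, 0, 0}};
    for (int i = 0; i < n; i++) {
        if (xoshiro_next(&g) != 0) return 0;
        if (g.s[0] | g.s[1] | g.s[2] | g.s[3]) return 0;
    }
    return 1;
}

int main(void) {
    unsigned char zero_seed[32] = {0};  /* constructed input: 32 NUL bytes */
    xoshiro256ss g;
    printf("zero state stuck: %d\n", zero_state_is_stuck(1000));
    printf("zero seed accepted: %d\n", xoshiro_seed_bytes(&g, zero_seed) == 0);
    return 0;
}
```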