Newsgroups: php.internals
Xref: news.php.net php.internals:72381
Date: Fri, 7 Feb 2014 13:13:59 +0100
Subject: Re: [PHP-DEV] unify entropy source for all php related functions
From: nikita.ppv@gmail.com (Nikita Popov)
To: Pierre Joye
Cc: PHP internals

On Fri, Feb 7, 2014 at 12:25 PM, Pierre Joye wrote:

> hi,
>
> There are a lot of additions and discussions about entropy source and
> (P)RNG lately.
>
> PHP already has an ini setting to define a strong entropy source for
> the session module, which defaults to urandom or arandom.
>
> I would like to create two settings to unify the entropy source
> across php functions. That includes mcrypt, new password APIs,
> session, LCG, etc.
>
> Something along this line:
>
> random.entropy_strong_source (/dev/(u|a)random etc.)
> random.entropy_crypto_source (/dev/random etc.)
>
> I am not willing to propose new RNG functions or extensions for 5.6 as
> we have way too little time to actually discuss its design and APIs.
> However having these settings unified and documented would be a good
> step forward already.
>

I'm not sure I understand this proposal and/or its purpose.

Different applications have different requirements on the strength of the random number generator. As such this is something that needs to be specified on every use, rather than a (global) ini setting.

If your proposal is to have different "categories" of randomness (the names indicate "strong" and "crypto"), then I see little point in having inis for this, rather than letting PHP choose an appropriate source (from that category) that is available on the system.

Also, if you want to introduce such categories, you should also clarify how they will be used with the individual functions. Does that mean mcrypt_create_iv will have additional MCRYPT_STRONG and MCRYPT_CRYPTO options that will then use the source specified by the respective inis? Will the same also be added to openssl_pseudo_random_bytes as a (third) parameter?

And what do you mean by LCG? Do you mean the lcg_value() generator for floating point numbers? I don't see how that function is supposed to make use of these options. After all, the name already says that it uses a linear congruential generator, so that should be what it uses. Or do you mean to use the specified randomness source for the seed? That doesn't make a lot of sense to me, as you'd be sticking a strong random seed into a very, very weak prng.

I feel like these ini settings make things only more confusing. I'd much more appreciate the introduction of a function for generating random bytes in the standard library, that supersedes the individual extension functions.

Nikita
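
Added example, not part of the original message and not PHP's lcg_value() implementation: the point about a strong seed feeding a weak PRNG, shown with a constructed single-LCG toy generator in Python. The constants, class and function names are assumptions chosen for illustration; one observed output is enough to reproduce every later one, however the seed was drawn.

```python
import os

# Constructed toy generator (assumption): one textbook LCG using the
# ANSI C sample constants. This is NOT PHP's lcg_value() algorithm.
A, C, M = 1103515245, 12345, 2**31


class ToyLCG:
    """state' = (A * state + C) mod M, output = state' / M in [0, 1)."""

    def __init__(self, seed):
        self.state = seed % M

    def next_float(self):
        self.state = (A * self.state + C) % M
        return self.state / M


def strong_seed():
    """Seed drawn from the operating system's CSPRNG."""
    return int.from_bytes(os.urandom(4), "big")


def predict_following(observed, count):
    """Rebuild the state from ONE observed output and replay the generator."""
    # Exact recovery: state < 2**31 and M is a power of two, so the
    # float division lost no bits.
    state = int(observed * M)
    out = []
    for _ in range(count):
        state = (A * state + C) % M
        out.append(state / M)
    return out


def demo(seed=None, count=5):
    """Return True if every later output was predicted from the first one."""
    gen = ToyLCG(strong_seed() if seed is None else seed)
    observed = gen.next_float()
    actual = [gen.next_float() for _ in range(count)]
    return predict_following(observed, count) == actual


if __name__ == "__main__":
    print("all following outputs predicted:", demo())
```

The quality of the seed only decides where the sequence starts; the generator's whole state is exposed by its output, which is why values that must stay unpredictable should be read directly from the OS source.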