Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72592 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 10187 invoked from network); 14 Feb 2014 12:03:16 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 14 Feb 2014 12:03:16 -0000 Authentication-Results: pb1.pair.com header.from=narf@devilix.net; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=narf@devilix.net; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain devilix.net designates 209.85.213.44 as permitted sender) X-PHP-List-Original-Sender: narf@devilix.net X-Host-Fingerprint: 209.85.213.44 mail-yh0-f44.google.com Received: from [209.85.213.44] ([209.85.213.44:52724] helo=mail-yh0-f44.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id E8/10-09381-3060EF25 for ; Fri, 14 Feb 2014 07:03:15 -0500 Received: by mail-yh0-f44.google.com with SMTP id f73so11473542yha.3 for ; Fri, 14 Feb 2014 04:03:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=devilix.net; s=google; h=mime-version:date:message-id:subject:from:to:content-type; bh=Vl8Xb0aLpQSKghuET06yDP4AXi/toEaG1/syzIMeAEU=; b=W8AETjwJiZwyJ3JA21gL2lm9rAFW2pIhIiGPUz+GsF3zZp1EebMIwtsXJYik7DL7Jq v3qi0NZ9e4idazwnCKDKXEvBuEk7B/msgbL+XAPwfee1Ib+ErWUNERxGvxgdI5zKGDAU /OGxRE2ujjC9pJM1kyr5gnoa7DXPkQ0ekrC6M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=Vl8Xb0aLpQSKghuET06yDP4AXi/toEaG1/syzIMeAEU=; b=XmgWm91IKR5HZh8Ua112LUmVkqVdPefZulUd95NHwj6cqZXiYWNbTd7h6mZLaHQ0ey tksyoBrAQIOXSP8+Hq2Oo9wLyayZNUsj8WEdkyXuaGiW6MkhWpczmKXsglrMhjRtXgna N1cq+nc770oCA1HZ8GmHUV3TOM1Hw4+57ysSSkdRHSrup2mrWQOKsnnbLrv1ABb4jMA2 3PfJO6tDfMHS/fTYucTHiipWqCSCDoszAByOEosKkY0EQfzShJn6LqUxwxOWvqNE5Hzl 0aK2NbO5zC9FkXnqeabddCsULJLzfG82Da8g8YrNsNpt7G40E12jR5iO0iHA18WXkYdk sRcw== X-Gm-Message-State: ALoCoQnkKw28N2lQoldQkH9wWzwLXmxCYEq9l0TiwqD+eKpheDCfdTZ17JR74Dy8jJShoCLQJTwD MIME-Version: 1.0 X-Received: by 10.236.129.36 with SMTP id g24mr707493yhi.103.1392379392993; Fri, 14 Feb 2014 04:03:12 -0800 (PST) Received: by 10.170.49.147 with HTTP; Fri, 14 Feb 2014 04:03:12 -0800 (PST) Date: Fri, 14 Feb 2014 14:03:12 +0200 Message-ID: To: "internals@lists.php.net" Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] unify entropy source for all php related functions From: narf@devilix.net (Andrey Andreev) Hi, I'm not a cryptographer and therefore I might be missing something here, but I've read quite a lot about this recently and ALL sources say that /dev/urandom is both widely used and considered safe for cryptography. Only a select few mention that it could be a bit weaker in specific cases, in theory. AFAIK, that's even what every crypto-related functionality in PHP uses for randomness, except maybe for mcrypt_create_iv() which by default uses /dev/random, but has the option to switch. So why the 2 options? And then there are some issues with it being an ini setting (or two) ... Somebody mentioned that because this is sensitive, it must not be changeable during runtime - I agree with that to some extent, but unless I'm administrating the server: - what if it is set to a weak source and I want to switch to a stronger? - what if I need a non-blocking one and it is set to /dev/random? - what's the point of default values, if they are to be somehow detected depending on the OS? If it was up to me, I'd just introduce a function, i.e. prng(bool $crypto, bool $blocking) and auto-detect the strongest possible source. Other stuff like session ID generation surely can use that under the hood. Regards, Andrey Andreev.