Newsgroups: php.internals
Xref: news.php.net php.internals:84902
Date: Sun, 15 Mar 2015 21:29:53 +0100
In-Reply-To: <55055F1D.2020200@beccati.com>
To: Matteo Beccati
Cc: Sammy Kaye Powers, PHP Internals
Subject: Re: [PHP-DEV] [RFC] [VOTE] Vote open for reliable user-land CSPRNG
From: nikita.ppv@gmail.com (Nikita Popov)

On Sun, Mar 15, 2015 at 11:29 AM, Matteo Beccati wrote:
> On 15/03/2015 04:23, Sammy Kaye Powers wrote:
>
>> A two week discussion period has been held for the reliable user-land
>> CSPRNG RFC to add `random_bytes()` and `random_int()`. The RFC has now
>> been moved into voting.
>>
>> https://wiki.php.net/rfc/easy_userland_csprng
>>
>> There was some discussion of prefixing the function names with
>> `crypto_*()` but there are a few reasons we decided against this:
>>
>> 1) There is a crypto pecl extension, so the pseudo-namespace might cause
>> confusion.
>> 2) We want to work on a fully featured crypto framework for 7.1, and
>> crypto_* is a good prefix for that, so again, we don't want to mix things
>> up.
>
> [...]
>
> Or in the poker deck example, wouldn't it be enough just to seed mt_srand
> with a crypto-secure number to remove the biasing and use mt_rand to
> shuffle the deck?

The problem is that when using mt_rand - even if you seeded it with a
cryptographic random number - you will be able to predict all future random
numbers based on the first few. The tiny 32-bit seed space can be easily
brute forced. MT also allows directly recovering the full internal state from
the output, though that requires a relatively large amount of values (624 if
not truncated) and as such isn't practical for the Poker case.

Nikita
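A worked illustration of the two approaches compared in this exchange, added here as an example; it is not part of the thread or of PHP's own sources. It shuffles a constructed 52-card deck with the RFC's `random_int()` (Fisher-Yates with a uniform index draw, so each of the 52! orderings, roughly 2^226, is equally likely) and next to it shows the `mt_srand()`/`mt_rand()` pattern Matteo asks about: wherever the seed comes from, two runs from the same seed deal the same deck, so the deal is a function of at most 2^32 seed values. It assumes PHP 7.1 or later; `build_deck`, `csprng_shuffle` and `mt_shuffle_with_seed` are names chosen for this example.

```php
<?php
declare(strict_types=1);

// Added example (not from the thread): a CSPRNG-driven deck shuffle next to
// the seeded-mt_rand pattern the thread argues against.

/** Build a constructed 52-card deck, e.g. "As", "Td", "2c". */
function build_deck(): array
{
    $ranks = ['2', '3', '4', '5', '6', '7', '8', '9', 'T', 'J', 'Q', 'K', 'A'];
    $suits = ['c', 'd', 'h', 's'];
    $deck = [];
    foreach ($suits as $suit) {
        foreach ($ranks as $rank) {
            $deck[] = $rank . $suit;
        }
    }
    return $deck;
}

/**
 * Fisher-Yates shuffle driven by random_int(). random_int() draws from the
 * OS CSPRNG and rejects/redraws internally, so the index in [0, $i] is
 * uniform: no modulo bias, and every one of the 52! orderings is reachable.
 */
function csprng_shuffle(array $deck): array
{
    for ($i = count($deck) - 1; $i > 0; $i--) {
        $j = random_int(0, $i);
        [$deck[$i], $deck[$j]] = [$deck[$j], $deck[$i]];
    }
    return $deck;
}

/**
 * The pattern Matteo asks about: a single 32-bit mt_srand() seed, even one
 * that came from a CSPRNG, fixes the entire mt_rand() stream. The whole
 * deal is therefore a deterministic function of at most 2^32 seeds, which
 * is why seeding alone cannot make mt_rand() suitable for the poker case.
 */
function mt_shuffle_with_seed(array $deck, int $seed): array
{
    mt_srand($seed);
    for ($i = count($deck) - 1; $i > 0; $i--) {
        $j = mt_rand(0, $i);
        [$deck[$i], $deck[$j]] = [$deck[$j], $deck[$i]];
    }
    return $deck;
}

$deck = build_deck();

$secure = csprng_shuffle($deck);
echo "CSPRNG deal: " . implode(' ', array_slice($secure, 0, 5)) . PHP_EOL;

// Seed drawn from the CSPRNG (0x7FFFFFFF keeps it portable to 32-bit builds).
// Same seed twice => identical deals: the seed's quality did not help.
$seed = random_int(0, 0x7FFFFFFF);
$a = mt_shuffle_with_seed($deck, $seed);
$b = mt_shuffle_with_seed($deck, $seed);
echo "mt_rand deals identical for seed $seed: " . var_export($a === $b, true) . PHP_EOL;
```

The defensive takeaway matches the RFC's motivation: use `random_int()` (or `random_bytes()`) directly for anything whose unpredictability matters, rather than trying to rescue `mt_rand()` with a better seed.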