Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:92215
Return-Path: <phofstetter@sensational.ch>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 83175 invoked from network); 12 Apr 2016 08:38:37 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 12 Apr 2016 08:38:37 -0000
Authentication-Results: pb1.pair.com header.from=phofstetter@sensational.ch; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=phofstetter@sensational.ch; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain sensational.ch designates 195.226.6.199 as permitted sender)
X-PHP-List-Original-Sender: phofstetter@sensational.ch
X-Host-Fingerprint: 195.226.6.199 mail.sensational.ch  
Received: from [195.226.6.199] ([195.226.6.199:60432] helo=mail.sensational.ch)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 1C/A7-28094-A04BC075 for <internals@lists.php.net>; Tue, 12 Apr 2016 04:38:36 -0400
Received: from mail-wm0-f50.google.com ([74.125.82.50]:38447)
	by mail.sensational.ch with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16)
	(Exim 4.76 and XAMS 0.0.20)
	id 1aptqC-00034W-2f
	for internals@lists.php.net; Tue, 12 Apr 2016 10:38:32 +0200
Received: by mail-wm0-f50.google.com with SMTP id u206so17871466wme.1
        for <internals@lists.php.net>; Tue, 12 Apr 2016 01:38:32 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=2K3px0we2SASmsG0JenMzSDPYPlkih8v9Q9WAyZ1pFQ=;
        b=FdFBhDPrpVek+T6uLmAaCpu8m7ecYvV7Ip2yD4gfcViJTT7caUkYLv5UnfOMZPPoe8
         nRz7wMbnFF/ABCYssaSwQi6VMWNmjZdZynx2xdXN65IvSD2jZKKBWVDAYZsSdMx0rXsP
         gWQ4pjNhCeQ0/pqFtUk/q2vazmUZAZwjP5Y40QG8FUZAEtYIGhBBZy3+WOpUsgg4Qp3D
         o8xk7f2mo76Oa944/J/iHoQxJ35Frs8PPQN9u6EIotoVw+uIZRWTSN9+h2Weh761iZvA
         cSAFa2Fte+zZDCRgcJ7Ro2uqrnoRncGw01hxbSYvwYS0wruyCs7j+Io7GA4gP0csBoqb
         KJVQ==
X-Gm-Message-State: AOPr4FXS6/HvxsZRPPP/sMLypjWKGF105rd0KBRt2qw5N/i4/WLJafELZgNNbVV18C8y3nMdNbSjvyBV9Qsr1rejJoe+kNihnrZ7iG0YGG0V7bK5nbRnIrlE2fiL4hL5ANohH3xq2znSIaAJV71zxGvDsOvQUNHXzbsM3N4=
X-Received: by 10.28.156.135 with SMTP id f129mr2511877wme.99.1460450311774;
        Tue, 12 Apr 2016 01:38:31 -0700 (PDT)
X-Received: by 10.28.156.135 with SMTP id f129mr2511865wme.99.1460450311644;
 Tue, 12 Apr 2016 01:38:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.130.205 with HTTP; Tue, 12 Apr 2016 01:38:12 -0700 (PDT)
In-Reply-To: <570CB007.2080503@php.net>
References: <CAGa2bXY3Zdrq-vU6_gCJVC3smP7DooBsKFNmQpz=ksdKsQORbQ@mail.gmail.com>
 <5706EEF3.3050705@gmail.com> <CAGa2bXbQkw2ouDJf5FHk3dbA4Xea4DmCwPdHUt_WRQ7H=EMAeQ@mail.gmail.com>
 <570CB007.2080503@php.net>
Date: Tue, 12 Apr 2016 10:38:12 +0200
Message-ID: <CAGKNXQGJ9a5AmsN-GV4N1yKh2Q4SH+4-Dfi9vfgX2top11F8Fg@mail.gmail.com>
To: Michael Wallner <mike@php.net>
Cc: Yasuo Ohgaki <yohgaki@ohgaki.net>, Stanislav Malyshev <smalyshev@gmail.com>, 
	"internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
X-SA-Do-Not-Run: Yes
X-SA-Exim-Connect-IP: 74.125.82.50
X-SA-Exim-Mail-From: phofstetter@sensational.ch
X-SA-Exim-Scanned: No (on mail.sensational.ch); SAEximRunCond expanded to false
Subject: Re: [PHP-DEV] [RFC][DISCUSSION] Session ID without hashing
From: phofstetter@sensational.ch (Philip Hofstetter)

Hi

On Tue, Apr 12, 2016 at 10:21 AM, Michael Wallner <mike@php.net> wrote:
> On 08/04/16 04:17, Yasuo Ohgaki wrote:
>
>> PRNG like /dev/urandom is supposed to be secure, but fair point. It
>> may be good idea keeping old hash based session ID just in case
>> someone find vulnerability. I suppose it's unlikely with modern PRNGs,
>> though.
>
> I've come to think that "unlikely" is still a bad precondition with
> regards to security... :)

however, if a vulnerability is found in /dev/urandom, that would be a
stop-what-you're-doing-and-patch moment anyways because so much stuff
depends on /dev/(u)random not producing predictable output.

If /dev/urandom is not to be trusted, you have to bring your server
offline right then. The fact that PHP would continue to produce more
secure session IDs won't help you much.

>> I didn't expect this much difference, but this is the result. Since
>> security experts advise to change session ID relatively high frequency
>> (few minutes to half an hour), this difference may be noticeable apps
>> returning cached JSON. I know apps that change session ID on every
>> request. (This should be done with caution. Otherwise, you may
>> experience lost sessions a lot due to race conditions) Such apps will
>> see performance gain.
>
> This RPS change is the result of just omitting hashing of the session id?

if it is, it's really worth considering this change as, again, a
vulnerability in /dev/urandom would be devastating enough to
immediately bring down the machine anyways.

Philip