Newsgroups: php.internals
Subject: Re: [PHP-DEV] [RFC] RNG fixes
From: scott@paragonie.com (Scott Arciszewski)
Date: Tue, 14 Jun 2016 12:49:10 -0400
To: Leigh
Cc: PHP Internals

On Tue, Jun 14, 2016 at 12:46 PM, Leigh wrote:
> Hey Internals,
>
> I realise I'm cutting it close with this one, but I want to propose some
> changes to our standard random number generators.
>
> The downside of this proposal is that our RNGs (rand() and mt_rand()) are
> seedable and reproduce identical streams (platform dependent) for any given
> seed. However their implementations are broken or inconsistent, so we need
> to weigh up the cost of changing these sequences versus having solid
> implementations.
>
> It is my opinion that if we are going to make any changes to these
> functions, we should make all of the changes at the same time and avoid any
> future disruption to their output.
>
> The RFC contains a few proposals, some of them depend on each other while
> others are standalone. Throughout the discussion phase I hope to reduce the
> number of proposals down to a consensus we can vote on in two weeks' time.
>
> I will release a patch when I have a better feeling for the direction we
> want to take.
>
> The issues I want to bring up for discussion are:
>
> * Replacing mt_rand() and rand() with a strong, modern RNG.
> * Alternatively, fixing the current mt_rand() implementation to make it
>   standard
> * Aliasing rand() to mt_rand() to improve output and cross-platform support
> * Fixing RAND_RANGE for large ranges.
> * Replacing insecure uses of php_rand() with php_random_bytes()
> * Making the array_rand() algorithm more efficient
>
> The RFC can be found here: https://wiki.php.net/rfc/rng_fixes
>
> If anyone knows of other fixes that should be made at the same time but I
> have overlooked, please let me know so I can get them included.
>
> Regards,
>
> Leigh.

Good idea. I'm particularly fond of PCG over MT and LCG (but would not ever use it for a CSPRNG).

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises
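Two of the points in Leigh's list, the RAND_RANGE bias for large ranges and the choice of engine that Scott's PCG remark touches on, in working C. This is an added example, not code from the thread, the RFC or PHP's source tree: the engine is O'Neill's minimal PCG32 standing in for mt_rand(), `range_by_scaling` is a paraphrase of the old scale-by-a-double approach rather than the actual RAND_RANGE macro, `range_by_rejection` follows the shape of the reduction php_random_int() uses, and every function name here is my own. The exhaustive tally over a toy engine is what shows the bias; the 64-bit candidate is what makes ranges wider than 2^32 reachable at all.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Engine: minimal PCG32 (pcg32_random_r), a stand-in for mt_rand(). Like MT it
 * is seedable and reproducible, and like MT it is not a CSPRNG. */
typedef struct { uint64_t state; uint64_t inc; } pcg32_t;

static uint32_t pcg32_next(pcg32_t *rng) {
    uint64_t old = rng->state;
    rng->state = old * 6364136223846793005ULL + (rng->inc | 1u);
    uint32_t xorshifted = (uint32_t)(((old >> 18u) ^ old) >> 27u);
    uint32_t rot = (uint32_t)(old >> 59u);
    return (xorshifted >> rot) | (xorshifted << ((-rot) & 31u));
}

static void pcg32_seed(pcg32_t *rng, uint64_t seed, uint64_t seq) {
    rng->state = 0u;
    rng->inc = (seq << 1u) | 1u;
    pcg32_next(rng);
    rng->state += seed;
    pcg32_next(rng);
}

/* Two engine words form one 64-bit candidate, so a range with more than 2^32
 * values is reachable. Separate statements keep the call order defined. */
static uint64_t next64(pcg32_t *rng) {
    uint64_t hi = pcg32_next(rng);
    uint64_t lo = pcg32_next(rng);
    return (hi << 32) | lo;
}

/* The approach the RFC wants to retire (paraphrase, not the RAND_RANGE macro):
 * stretch one output n in [0, tmax] onto [min, max] through a double. The
 * outputs only split evenly when the bucket count divides tmax + 1, and a
 * 32-bit engine can never reach more than 2^32 distinct values this way. */
static int64_t range_by_scaling(uint64_t n, int64_t min, int64_t max, uint64_t tmax) {
    double span = (double)max - (double)min + 1.0;
    return min + (int64_t)(span * ((double)n / ((double)tmax + 1.0)));
}

/* Unbiased reduction: reject candidates above the largest whole multiple of
 * the bucket count that fits in [0, tmax], then reduce modulo. Returns false
 * when n must be thrown away. The power-of-two shortcut is valid because
 * tmax + 1 is itself a power of two for every engine used here. */
static bool range_by_rejection(uint64_t n, int64_t min, int64_t max, uint64_t tmax, int64_t *out) {
    uint64_t umax = (uint64_t)max - (uint64_t)min;
    if (umax == tmax) {                     /* whole engine width: nothing to reduce */
        *out = (int64_t)((uint64_t)min + n);
        return true;
    }
    umax++;                                 /* number of buckets */
    if ((umax & (umax - 1)) != 0) {         /* not a power of two: trim the tail */
        uint64_t limit = tmax - (tmax % umax) - 1;
        if (n > limit) return false;
    }
    *out = (int64_t)((uint64_t)min + n % umax);
    return true;
}

/* Uniform draw in [min, max], rejection-sampled on 64-bit candidates. */
static int64_t uniform_range(pcg32_t *rng, int64_t min, int64_t max) {
    int64_t out;
    while (!range_by_rejection(next64(rng), min, max, UINT64_MAX, &out)) { }
    return out;
}

/* Feed every output of a toy engine with tmax = 2^bits - 1 into [0, buckets-1]
 * and return max(count) - min(count); 0 means every value is equally likely.
 * Keep bits small: the loop is exhaustive. */
static uint64_t bucket_spread(unsigned bits, uint64_t buckets, bool rejection) {
    uint64_t tmax = (1ULL << bits) - 1, minc = UINT64_MAX, maxc = 0;
    static uint64_t counts[4096];
    if (buckets > 4096 || bits > 24) return UINT64_MAX;
    for (uint64_t i = 0; i < buckets; i++) counts[i] = 0;
    for (uint64_t n = 0; n <= tmax; n++) {
        int64_t b;
        if (rejection) {
            if (!range_by_rejection(n, 0, (int64_t)buckets - 1, tmax, &b)) continue;
        } else {
            b = range_by_scaling(n, 0, (int64_t)buckets - 1, tmax);
        }
        counts[b]++;
    }
    for (uint64_t i = 0; i < buckets; i++) {
        if (counts[i] < minc) minc = counts[i];
        if (counts[i] > maxc) maxc = counts[i];
    }
    return maxc - minc;
}

/* Draw `draws` values from two identically seeded engines: true when every
 * value lies in [min, max] and both streams agree (seedable, reproducible). */
static bool range_check(uint64_t seed, int64_t min, int64_t max, int draws) {
    pcg32_t a, b;
    pcg32_seed(&a, seed, 54u);
    pcg32_seed(&b, seed, 54u);
    for (int i = 0; i < draws; i++) {
        int64_t x = uniform_range(&a, min, max);
        if (x < min || x > max || x != uniform_range(&b, min, max)) return false;
    }
    return true;
}

int main(void) {
    printf("3-bit engine, 6 buckets:  scaling spread %llu, rejection spread %llu\n",
           (unsigned long long)bucket_spread(3, 6, false), (unsigned long long)bucket_spread(3, 6, true));
    printf("16-bit engine, 1000 buckets: scaling spread %llu, rejection spread %llu\n",
           (unsigned long long)bucket_spread(16, 1000, false), (unsigned long long)bucket_spread(16, 1000, true));
    printf("range wider than 2^32 ok: %d\n", range_check(42u, -5, 1000000000000LL, 1000));
    return 0;
}
```

The 3-bit case is the whole argument in miniature: eight engine outputs cannot be spread over six buckets evenly, so scaling gives two of the buckets twice the probability of the others, while rejection discards two outputs and lands exactly once in each bucket. The same happens at 16 bits into 1000 buckets (65 versus 66 hits per bucket), and at 32 bits the distortion is only smaller, never gone.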