Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:94424
Return-Path: <danack@basereality.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 96816 invoked from network); 7 Jul 2016 20:33:54 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 Jul 2016 20:33:54 -0000
Authentication-Results: pb1.pair.com smtp.mail=danack@basereality.com; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=danack@basereality.com; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain basereality.com from 209.85.161.170 cause and error)
X-PHP-List-Original-Sender: danack@basereality.com
X-Host-Fingerprint: 209.85.161.170 mail-yw0-f170.google.com  
Received: from [209.85.161.170] ([209.85.161.170:33428] helo=mail-yw0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 51/8D-18622-1BCBE775 for <internals@lists.php.net>; Thu, 07 Jul 2016 16:33:54 -0400
Received: by mail-yw0-f170.google.com with SMTP id j17so24640609ywg.0
        for <internals@lists.php.net>; Thu, 07 Jul 2016 13:33:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=basereality-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=z1jVqhcngKmM9113l+EPjFlBTBqr+j7WpkMhFljeEaM=;
        b=sPBgAPHGPxBhtNBu/YNqF32YpnW053xoFfZZAd7pr20ZkOF+HczDEr2vXi6yPXM7xt
         HKNxNYtyhDXRC0nE6TtsVtn7HZqwVDXKdR84tLis23gKWAR/i6z6Ckmg2w9luqi2sEa0
         dvgxtZAQ/+R2ydSig1f1TbsRYoZ6O/ACSQ5AWn7jRpc0fqRFiMp1T7Aimu3QeEOya+VR
         nHPNTHNx769ajs0y0saWeJteGGHrHuzTq/onkZy1A6/cTc13xmfYjIYHVhoTMbDHsiFp
         E1+9JDLGACohePCrRxX9a+iO611N2RAh0kNsX5+eAbSXbcOOEzNu98wXo6y23PoP0DZZ
         lX8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=z1jVqhcngKmM9113l+EPjFlBTBqr+j7WpkMhFljeEaM=;
        b=k9ldEOqtYTFZ/5/YJTevgC/V0P6/my1YkbPDofZcwTxWyp+WP1tJW2EQJSERS9Re5l
         f231fY6VtSJ73yBw1kmuPzGBvlXKRFkXeREMnzoUcSY4Q3tqnAca1ob0zuMZUlKlE0BW
         sBPgJeGlczOPSKEzzVkpvMxOIm1Lxnn0JqReuK7DgZKrxj9Bylvcyqx4HvU4zuNbT7zC
         XiIquzTpqGOtq4fH1YPvNWQhs5gp1e3CioqFvRflhOy9uinc0je5nRo4IqCh4GXoin9r
         Qos+NQvEPhP6FK6waFOq70wfZLxLiwZhIHxjDDmZviHw2PNvZYsqD8pEoYw4hfb4YMf5
         Djqw==
X-Gm-Message-State: ALyK8tIRR8yzOaXO4hku4yybEQVuNLBj77lGEKcdwmWAmVwvhU/rocLUioe+woFd9qISemLa1rdL8gf3CKN0mA==
X-Received: by 10.37.212.7 with SMTP id m7mr1863867ybf.20.1467923627132; Thu,
 07 Jul 2016 13:33:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.207.16 with HTTP; Thu, 7 Jul 2016 13:33:46 -0700 (PDT)
X-Originating-IP: [78.145.242.3]
In-Reply-To: <CAPwsocHU4Dc5YLMq_vfJsvXQseH7es4baMh-_pNJFf7aB3bKyg@mail.gmail.com>
References: <CAGa2bXaSkozJLLtycujwmHyas9TofRw5s6JzG0EQQvPyU0pxNQ@mail.gmail.com>
 <CAGa2bXZ=DiqQ4PozYntvGApZHdkjWyTBQhk_Udy5Y3_m0ry9Lw@mail.gmail.com>
 <a32232d3-006b-a7c2-0aa8-7f44509dfe69@gmail.com> <CAGa2bXa3o4FzQDGyU+=XHWoH59QjTJdJcjwch4=VdUUC7ZsD=w@mail.gmail.com>
 <CAEZPtU5RRGbUXJE7cHd2LuUmF5hiGDJAhGNKZ+_nRj1d+pHkZA@mail.gmail.com> <CAPwsocHU4Dc5YLMq_vfJsvXQseH7es4baMh-_pNJFf7aB3bKyg@mail.gmail.com>
Date: Thu, 7 Jul 2016 21:33:46 +0100
Message-ID: <CA+kxMuTEtx5Euii1XzF_rUztNAOSLO2VCWCBwbYbmv=JPMDsJQ@mail.gmail.com>
To: Leigh <leight@gmail.com>
Cc: Pierre Joye <pierre.php@gmail.com>, Yasuo Ohgaki <yohgaki@ohgaki.net>, 
	Dan Ackroyd <danack@php.net>, PHP internals <internals@lists.php.net>, 
	Stanislav Malyshev <smalyshev@gmail.com>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [PHP-DEV] Re: [RFC][VOTE] Session ID without hashing
From: danack@basereality.com (Dan Ackroyd)

> I think we need to drop the concerns about exposing "RNG state".
>
> If these are weak RNGs on your system, YOUR SYSTEM is broken.

Telling people that their system is broken isn't going to be
comforting to the people it happens to.

There are always bugs in software and hardware. At some point it is
almost inevitable that there will be some information leak through
exposing the random numbers directly. Just telling people that their
system is broken and they need to buy need hardware immediately,
rather than just being able to re-enable hashing seems a bad choice.

But even without accidental bugs, the scenario I am remain concerned
with is when a piece of hardware or software is compromised by a
sophisticated attacker, (hello NSA!) and the 'random' numbers
generated have some subtle pattern to them. To almost everyone, the
random numbers generated would still look random. But to the
organisation that compromised the system, and so knows the algorithm
that is leaving traces in the random sequences, exposing the random
numbers directly to the outside world would be an obvious but almost
untraceable line of attack on the system.

Hashing should still obfuscate any subtle patterns in the random
number generation, and so give some protection against comprised
chip-set/firmware. If users choose to continue to want the extra
security of hashing, at the cost of slightly slower session ID
generation we shouldn't removed that from them.

Yasuo wrote:
> Some of us worried about CSPRNG state exposure. I'm wondering how many
> of you will vote in favor if I change the RFC to use hash functions
> optionally.

Yes.

Though as I said before, I think changing session.use_strict_mode
should be a separate decision, and it's one I support doing.

cheers
Dan