Newsgroups: php.internals
Xref: news.php.net php.internals:97775
Subject: Re: Improving mt_rand() seed
From: Yasuo Ohgaki <yohgaki@ohgaki.net>
To: internals@lists.php.net
Date: Mon, 16 Jan 2017 16:16:37 +0900

On Mon, Jan 16, 2017 at 4:04 PM, Yasuo Ohgaki wrote:
> Since I was about to improve uniqid()'s entropy by replacing
> php_combined_lcg() with php_random_int(), I spent time checking other places
> that could be a problem.
>
> mt_rand() is seeded as follows by default.
>
> ext/standard/php_rand.h
> #ifdef PHP_WIN32
> #define GENERATE_SEED() (((zend_long) (time(0) * GetCurrentProcessId())) ^ ((zend_long) (1000000.0 * php_combined_lcg())))
> #else
> #define GENERATE_SEED() (((zend_long) (time(0) * getpid())) ^ ((zend_long) (1000000.0 * php_combined_lcg())))
> #endif
>
> We know this kind of seed is guessable, i.e. our session ID is compromised
> by this kind of code.
>
> Although it would be rare that a raw mt_rand() value is exposed, a
> guessable value is guessable. I'm going to replace the seeding code with a
> simple php_random_int() call.
>
> Any comments?

I read a bit more of the mt_rand code. It is better to exploit the extremely long MT rand cycle. Therefore the patch will be a little more complex than simply replacing the seeding code.

Comments are appreciated.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net
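As an added illustration (not code from PHP or from this thread), the quoted GENERATE_SEED() formula sits beside the alternative the reply points at: filling the whole MT19937 state from the OS CSPRNG rather than deriving it from one 32-bit seed. Function names are hypothetical, and reading /dev/urandom stands in for php_random_int().

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <time.h>

#define MT_N 624

/* The non-Windows GENERATE_SEED() formula from the thread, as a function;
 * lcg stands for the php_combined_lcg() value in [0, 1). For one second and
 * one pid, the LCG term can only vary the low 20 bits of the result. */
static int64_t weak_seed(time_t now, pid_t pid, double lcg)
{
    return ((int64_t)(now * pid)) ^ ((int64_t)(1000000.0 * lcg));
}

/* Reference MT19937 state expansion from a single 32-bit seed (init_genrand):
 * however good the seed source, only 2^32 of the 2^19937 states are reachable. */
static void mt_seed_32(uint32_t seed, uint32_t state[MT_N])
{
    state[0] = seed;
    for (int i = 1; i < MT_N; i++)
        state[i] = 1812433253u * (state[i - 1] ^ (state[i - 1] >> 30)) + (uint32_t)i;
}

/* Word i of the state derived from a 32-bit seed (used for checking). */
static uint32_t mt_seed_32_word(uint32_t seed, int i)
{
    uint32_t st[MT_N];
    mt_seed_32(seed, st);
    return st[i];
}

/* Fill all 624 words from the OS CSPRNG so the full cycle is usable.
 * /dev/urandom is a stand-in (hypothetical) for PHP's php_random_int(). */
static int mt_seed_csprng(uint32_t state[MT_N])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(state, sizeof state[0], MT_N, f);
    fclose(f);
    return got == MT_N ? 0 : -1;
}

/* Sanity check: two CSPRNG-seeded states must differ. Returns 1 on success. */
static int csprng_seed_ok(void)
{
    uint32_t a[MT_N], b[MT_N];
    if (mt_seed_csprng(a) != 0 || mt_seed_csprng(b) != 0) return 0;
    return memcmp(a, b, sizeof a) != 0;
}
```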